U.S. network and security provider F5 has confirmed limited impact from a nation-state cyberattack that allowed persistent access to its systems and led to the theft of BIG-IP source code, customer configuration data, and details on 44 vulnerabilities, according to CyberScoop.Only a small number of customers, which have since applied emergency updates, were impacted by the already contained incident, said F5 CEO Franois Locoh-Donou. Locoh-Donou added that the stolen data was not sensitive, and customer operations saw minimal disruption. Cybersecurity firms IOActive and NCC Group, which assisted in recovery efforts, found no critical flaws in the stolen code, and F5 continues scanning for potential issues.The company has expanded its bug bounty program and partnered with CrowdStrike to add EDR capabilities to BIG-IP systems. The attack was discovered in August and disclosed in October. It prompted a federal emergency directive but has not significantly altered F5's outlook. The firm expects up to 4% revenue growth in fiscal 2026.
Threat Intelligence, Breach
F5 investigates nation-state cyberattack, says impact remains limited

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



