Trellix investigates data breach after unauthorized access to source code repository

Trellix, a global cybersecurity company formed through the 2021 merger of McAfee Enterprise and FireEye, disclosed that unauthorized actors gained access to a portion of its source code repository, prompting an ongoing investigation supported by external forensic experts.

The company said it identified the breach recently and initiated a response immediately upon detection. Law enforcement authorities have been notified as part of the investigation, which is focused on determining the scope and impact of the incident.

“Trellix recently identified unauthorized access to a portion of our source code repository. Upon learning of this matter, we immediately began working with leading forensic experts to resolve it,” the company said in an official statement.

Based on findings to date, Trellix said there is no evidence that its source code release or distribution processes were affected, nor any indication that the accessed code has been exploited or altered. The company added that it plans to share additional details once the investigation concludes.

Trellix provides cybersecurity solutions to more than 50,000 business and government customers worldwide and protects over 200 million endpoints. The company did not disclose when the breach was first detected or whether any corporate or customer data was accessed during the incident. It also has not confirmed whether a ransom demand was made.

The breach follows a series of recent cybersecurity incidents involving technology and security firms. In separate cases this year, application security company Checkmarx confirmed that data from its internal code repository was exposed, while Cisco reported that attackers accessed its development environment and obtained source code. In another incident, bug bounty platform HackerOne notified employees that personal information had been compromised after a breach at a third-party service provider.

Trellix said its investigation remains ongoing as it continues to assess the incident and implement response measures.