Breach at US-based cybersecurity provider F5 blamed on China, Bloomberg News reports

(Reuters) -A breach at U.S.-based cybersecurity company F5 has been blamed on state-backed hackers from China, Bloomberg News reported on Wednesday, citing people familiar with the matter. Reuters could not immediately verify the report. Earlier in the day, U.S. government officials said federal networks are being targeted by an unidentified "nation-state cyber threat actor" that's trying to exploit vulnerabilities in products made by F5. F5 and the Chinese embassy in Washington did not immediately respond to Reuters' requests for comment. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), when contacted by Reuters, did not confirm whether the breach was carried out by Chinese state-backed hackers. "These same risks extend to any organization using this technology, potentially leading to a catastrophic compromise of critical information systems," CISA Acting Director Madhu Gottumukkala said in a statement, without specifying who was behind the hack. F5, which provides cybersecurity and multi-cloud application services, said on Wednesday it had detected unauthorized access to certain company systems by a threat actor, but the breach did not affect its operations. Representatives for F5 told customers the hackers were in its network for at least 12 months, according to the Bloomberg News report. F5 also sent customers a threat-hunting guide for malware called Brickstorm, which Bloomberg attributed to a Chinese state-backed hacking group, the report said. The report added F5 chief executive officer Francois Locoh-Donou is personally briefing customers about the timeline and the alleged China-linked hackers. British authorities issued an alert urging F5 users to update software. (Reporting by Devika Nair, Gnaneshwar Rajan in Bengaluru; Additonal reporting by Nilutpal Timsina; Editing by Sumana Nandy and Rashmi Aich)

(The article has been published through a syndicated feed. Except for the headline, the content has been published verbatim. Liability lies with original publisher.)