The person who attacked the personal online accounts of a FireEye employee several months ago was arrested and taken into custody on Thursday by international law enforcement, FireEye said.
The California-based company worked with law enforcement and spent hundreds of hours investigating a hacker's July claim that he had breached FireEye's corporate network, according to chief executive Kevin Mandia. But these attackers rarely, if ever, get caught, Mandia said.
"Over my career, I have found it frustrating how little risk or repercussions exist for the attackers, who hide behind the anonymity of the internet to cause harm to good, well-intentioned people," Mandia told Wall Street analysts Wednesday. "Therefore, I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys."
FireEye announced in August that the hacker didn't breach, compromise or access the company's corporate network, despite multiple failed attempts to do so. Instead, the attacker used credentials for the victim's social media and email accounts exposed in publicly-disclosed third-party breaches to access the employee's personal online accounts.
The attacker publicly released three FireEye corporate documents obtained from the victim's personal online accounts, according to a 7 August blog post from FireEye chief security officer Steven Booth. Two customer names were identified in the employee's personal email and disclosed by the hacker.
Customers or prospects concerned about the attack were able to sit down with Mandia or FireEye's CISO and talk through what happened, according to CFO and chief accounting officer Frank Verdecanna. Although it took some time to get through those discussions, Verdecanna told CRN USA that he doesn't believe the incident had a significantly negative impact on FireEye's performance in the quarter.
At the same time, though, Mandia told CRN USA that FireEye had to sink a "tremendous" amount of time and effort into investigating the hacker's claims. That efforts a lot of direct, real costs on the company, according to Mandia.
"I don't want to underestimate the unfairness of the situation of an anonymous person making false claims," Mandia told CRN USA. "You have to prove the negative, which is really annoying."
All told, Verdecanna said the negative impact of the attack was primarily centered around the time it took FireEye to get to the bottom of what happened and convincing customers that the company wasn't breached.
"Had we been breached, that would have been a whole different ballgame," Verdecanna told CRN USA. "The fact is that we were able to prove that we weren't breached."
FireEye's sales for the quarter ended 30 September climbed to US$189.6 million, up 1.7 percent from US$186.4 million the year prior. That edged out Seeking Alpha projections of US$186.2 million.
The company recorded a net loss of US$72.9 million, or US$0.41 per share, improved from a net loss of US$123.4 million, or US$0.75 per share, last year. On a non-GAAP basis, net income came in at US$6.5 million, or US$0.04 per share, better than a net loss of US$29.4 million, or US$0.18 per share, the year before. This beat Seeking Alpha projections of a net loss of US$0.07 per share.
FireEye's stock fell US$1.99 (12.16 percent) to US$14.38 in after-hours trading. Earnings were released after the market closed Wednesday.
For the coming quarter, FireEye expects to break even or report a net loss of as much as US$0.03 a share on sales of between US$190 million and US$196 million. Analysts had been expecting a net loss of US$0.01 on earnings of US$195.9 million, according to Seeking Alpha.