FireEye Breach Fallout Yet to Be Felt Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it. FireEye's revelation earlier this week that it had been infiltrated by a nation-state hacking operation that stole its red-team hacking tools served as a chilling reminder to the security industry that no one is impermeable to an attack — not even a major incident response company more accustomed to probing and cleaning up the breaches of other high-profile organizations. Several reports and sources say Russia's SVR foreign service agency, aka APT 29 or Cozy Bear, was the perpetrator. There are still plenty of unknowns about the attack: how the attackers got initial access to FireEye's systems, what defenses they bypassed and how, whether any Windows zero-days were used, and just what if any internal information they accessed on what FireEye CEO Kevin Mandia described as their ultimate target: "certain government customers" of the company.