Apparently the employee’s LinkedIn account was seemingly taken over by the hacker, who posted a series of messages claiming they had hacked the victim’s emails and contact lists.
But after a six-day examination FireEye said the hacker’s claims were false, but admitted that three corporate documents were obtained and two customers were compromised through the victim’s personal accounts.
Writing in his bog FireEye’s Steven Booth said: “The attacker did not breach, compromise or access our corporate network, despite multiple failed attempts to do so.
“The victim supports a very small number of customers. Two customer names were identified in the victim’s personal email and disclosed by the attacker. We believe these are the only two customers impacted by this incident.”
Booth added that the employee’s online credentials had been released into the public domain through eight security breaches of third parties in the past, including LinkedIn.
All documents exposed by the hacker in this instance, minus the three referenced above, were already in the public domain, according to the vendor.
Booth added that other documents released by the hacker were manufactured screen grabs that “falsely implied successful access to our corporate network”.