China-backed hackers blamed for F5 cybersecurity breach, Bloomberg reports

A breach at US-based cybersecurity company F5 (FFIV.O) has been blamed on state-backed hackers from China, Bloomberg News reported on Wednesday, citing people familiar with the matter.

Reuters could not immediately verify the report.

Earlier in the day, US government officials said federal networks are being targeted by an unidentified "nation-state cyber threat actor" that's trying to exploit vulnerabilities in products made by F5.

F5 and the Chinese embassy in Washington did not immediately respond to Reuters' requests for comment.

The US Cybersecurity and Infrastructure Security Agency (CISA), when contacted by Reuters, did not confirm whether the breach was carried out by Chinese state-backed hackers.

"These same risks extend to any organisation using this technology, potentially leading to a catastrophic compromise of critical information systems," CISA Acting Director Madhu Gottumukkala said in a statement, without specifying who was behind the hack.

F5, which provides cybersecurity and multi-cloud application services, said on Wednesday it had detected unauthorised access to certain company systems by a threat actor, but the breach did not affect its operations.

Representatives for F5 told customers the hackers were in its network for at least 12 months, according to the Bloomberg News report.

F5 also sent customers a threat-hunting guide for malware called Brickstorm, which Bloomberg attributed to a Chinese state-backed hacking group, the report said.

The report added that F5 chief executive officer Francois Locoh-Donou is personally briefing customers about the timeline and the alleged China-linked hackers.

British authorities issued an alert urging F5 users to update software.