The incident is more of a "statement against FireEye than a catastrophe". Check out their "defensive tools" (yawn) released here https://github.com/fireeye/red_team_tool_countermeasures Seriously? They are nothing compared to the Shadow Brokers leak...
This was my initial suspicion when the story first broke, the threat actors trying to gain access to FireEye's client vulnerability scans, network layout, etc. The red team tools are important but their customer data is even more valuable.
"Consistent with a nation-state cyber-espionage effort, the attacker primarily sought information related to certain government customers. While the attacker was able to access some of our internal systems, at this point in our investigation, we have seen no evidence that the attacker exfiltrated data from our primary systems that store customer information from our incident response or consulting engagements, or the metadata collected by our products in our dynamic threat intelligence systems. If we discover that customer information was taken, we will contact them directly."
FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community
According to the Washington Post article, APT 29 (Cozy Bear) are the ones responsible. It'll be interesting to find out if any client data was breached and from whom.
"The breach was disclosed by FireEye on Tuesday, though the firm did not attribute it to Russia’s foreign intelligence service. It was detected in recent weeks, said one of the people, who like others interviewed for this story spoke on the condition of anonymity because the investigation is ongoing."
Russia's FireEye Hack Is a Statement—but Not a Catastrophe
“The most important data that a company like FireEye has is data about its customers. The second most important data they have are the sources and methods they use to protect their customers,” like threat intelligence data, says Richard Bejtlich, former chief security officer of Mandiant, the incident response division of FireEye, and principal security strategist at the network analysis firm Corelight. “Farther down the line are the red team tools, where they’re emulating adversaries.”
OK, I'll go there... to me this sounds like things being exaggerated to try to make the company look good. I would much sooner believe someone made a dumb mistake and it got exploited than this massive force they make the attack out to be. It seems like their way of trying to save credibility with their clients while admitting that even the best of us make dumb mistakes sometimes.
Just my .02
John-
@JKWiniger wrote: OK, I'll go there...
LOL, someone had to! It's hard to know what's true unless more information is released to the public. I'd wager you're onto something though.
Seems it was a supply chain attack that affected a number of other organisations:
https://thehackernews.com/2020/12/us-agencies-and-fireeye-were-hacked.html
SolarWinds users better get patching:
https://www.solarwinds.com/securityadvisory
Here's a breakdown from FireEye on the SUNBURST back door.
Community,
We’re sure you’re watching the developing headlines that are emerging about a reported intrusion at the Commerce and Treasury departments that potentially involve compromised vendor software updates.
What are your key takeaways so far? When announcements like these occur, what are the first steps you take to determine if your organization is at risk? How do you stay alert and informed?
While it is being widely reported, here are a few sources:
@AndreaMoore wrote: Community,
We’re sure you’re watching the developing headlines that are emerging about a reported intrusion at the Commerce and Treasury departments that potentially involve compromised vendor software updates.
What are your key takeaways so far? When announcements like these occur, what are the first steps you take to determine if your organization is at risk? How do you stay alert and informed?
I immediately reached out to our MSP to make sure they were aware, and did some discovery on my part to see if they used SolarWinds to help protect their network. Us being breached through our MSP is what I worry about the most in these types of situations.