Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise
  1. Security Bulletins
  2. SAS Statement Regarding Potential Exposure of SAS Source Code

SAS Statement Regarding Potential Exposure of SAS Source Code

Reference Name: Potential Exposure of SAS Source Code
Status: See the Evaluation section below

History

  • 11-18-2025 (4:30 PM EST) – Investigation update
  • 11-18-2025 (12:15 PM EST) – Initial acknowledgement 

Evaluation

(4:30 PM EST Update) On November 18, 2025, an article was published alleging that SAS source code was exposed. In conjunction with SAS' threat intelligence partners, SAS obtained and reviewed the data and confirmed that SAS source code was not included. SAS determined that the surfaced data was comprised of publicly accessible files published by SAS Technical Support. SAS believes that the data in question poses no risk to SAS or SAS customers. No customer action is required.

(12:15 PM EST) SAS is aware of reports regarding a potential exposure of source code and is actively investigating. We are working with our threat intelligence partner to validate the claim. We will share more information and verified details as soon as they are available.

Security Bulletins

View other security bulletins, published as part of our formal PSIRT process.

Technical Support

Get world-class technical support via our support track system.

Samples & SAS Notes

Search our extensive Knowledge Base for code samples and SAS Notes.