Recent media reports claimed that security giant Symantec exposed confidential data and a purported list of prominent Australian clients during its demonstration process in February 2019. However, contrary to the media reports, the company has called it a ‘minor incident’.
Uncovering the incident
According to a Guardian Australia report, the hackers had targeted Symantec accounts belonging to several large Australian firms as well as major Australian government departments. The hackers behind the breach are the one who had stolen information from Australia’s Medicare program and later posted it for sale on the dark web.
What data was allegedly stolen?
The hackers had extracted a list of clients who availed Symantec’s CloudSOC CASB (cloud access security broker) services. The impacted clients included the Australian federal police, major banks, universities, and retailers, among others. The stolen data also included passwords and Symantec account numbers.
However, Symantec has refuted the claims, citing the stolen data as "fake".
How has the company responded?
Symantec has refuted the data breach and said that the data in the exposed system included dummy emails and a small number of non-sensitive files.
“This is an old list of some of the largest public and private entities in Australia – it was in the environment for testing purposes. These entities are not necessarily Symantec customers, nor do we necessarily host services for them,” Symantec told Guardian Australia.
The company has characterized the breach as a ‘minor incident’ since it involved a self-enclosed demo in Australia that was not connected to Symantec’s corporate network.
"No sensitive personal data was compromised nor were Symantec’s corporate network, email accounts, products or solutions. As the world’s largest cybersecurity company, it is not uncommon for Symantec to be targeted by hackers and other cybercriminals,” Symantec told CRN.