Guardian Australia claims to have found evidence that the Symantec network has been hacked back in February, but the cyber-security and cloud hosting company has not disclosed anything relevant, nor are they admitting it now that the news has surfaced. The otherwise reliable news outlet allegedly has parts of the data that were extracted by the hackers during the breach incident, including passwords, a list of high-profile Symantec clients that even includes government agencies, and more. Symantec commented on this evidence saying that what Guardian holds is actually an old list that was used for internal testing and demonstration purposes. They also add that the information that is found in this list includes dummy emails and non-sensitive generic data that is mostly made-up.
Moreover, Symantec has clarified that not all of the list entries are their clients, and only a handful of them have ever bought hosting or cloud services (CloudSOC) from them. Some of the Australian ministries that are in the list have publicly confirmed that they are not using Symantec products, backing the IT company’s story. This includes the department of infrastructure, industry, human services, finance, and education. However, Guardian claims that some of the other firms have queried them about the incident, asking for details on what the news outlet has in their hands, which indicates that something really went wrong.
Some of these companies include well-known private entities in Australia that the Guardian won’t name for now. One of the Australian agencies that have admitted to using Symantec products is the Department of Social Services, however, they too have clarified that they are not storing sensitive citizen information on the Symantec CASB tool. All in all, everyone involved who has made a public statement about this seems not to leave any doubts about what happened.
IT companies like to use dummy data in order to test or demonstrate new products, so losing fake customer information that may look convincingly real to hackers is a possibility. Still, Guardian claims that the breach is an actual one and that Symantec just won’t admit it. This brings us to the data protection laws that oblige companies to disclose these incidents to the associated agencies, something that didn’t happen in this case either. With all the upheaval that has been caused by this, Symantec will definitely secure their testing platforms better in the future, even if they’re only working with dummy data.
Who do you believe, Guardian or Symantec? Let us know in the comments down below, and join the discussions on our socials on Facebook and Twitter.