Data breach against Symantec and its costumers?

Symantec, the information security services industry giant, minimized a data breach incident that, according to cybersecurity specialists would have allowed a threat actor to access the company’s passwords and a list of customers, including prominent private companies and government institutions in Australia.

In this list of organizations working with Symantec are the main departments of the Australian government, in addition, the hacker has also claimed responsibility for the leak of information from the Medicare medical company that ended with millions of records for sale on dark web forums.

On the other hand, the company claims that it is a minor incident involving an isolated testing environment in Australia that does not have a connection to the company’s corporate network; “this lab only works as a demo to show the security solutions we offer,” says Symantec.

The information security services firm decided not to report the incident, as they thought that no confidential information was compromised, as hackers failed to access Symantec’s corporate network.

The information extracted by the hacker is a list of alleged Symantec CloudSOC service clients, administrator account access credentials, and some account numbers. In the company’s statement, it is mentioned that it is only fictitious information used for demonstration purposes. Alleged organizations whose information was compromised include the Australian Federal Police, four major banks, insurance companies, academic institutions and some local government departments. 

According to the experts in information security services from the International Institute of Cyber Security (IICS), the Australian Privacy Act includes a mandatory process for reporting data breach incidents that could considerably compromise victims’ information.

“In Symantec we deal with any cybersecurity incident with the highest priority and trying to comply with the data protection laws of each country where we work”, said a spokesperson.  “Nevertheless, according to our internal policy, no confidential information has been compromised that could generate further consequences; in any case, we will keep monitoring the situation”, concluded the spokesperson.