{"id":27255,"date":"2019-06-14T16:08:13","date_gmt":"2019-06-14T16:08:13","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/30238\/Symantec-Plays-Down-Unreported-Breach-Of-Test-Data.html"},"modified":"2019-06-14T16:08:13","modified_gmt":"2019-06-14T16:08:13","slug":"symantec-plays-down-unreported-breach-of-test-data","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/symantec-plays-down-unreported-breach-of-test-data\/","title":{"rendered":"Symantec Plays Down Unreported Breach Of Test Data"},"content":{"rendered":"
<\/div>\n

The American cybersecurity giant Symantec has downplayed a data breach that allowed a hacker to access passwords and a purported list of its clients, including large Australian companies and government agencies.<\/p>\n

The list extracted in the February incident, seen by Guardian Australia, suggests that all major federal government departments were among the targets of a hacker who also claimed to be responsible for Medicare data being available for sale on the dark web<\/a>.<\/p>\n

But Symantec said the \u201cminor incident\u201d involved \u201can isolated, self-enclosed demo lab in Australia \u2013 not connected to Symantec\u2019s corporate network \u2013 used to [demonstrate] various Symantec security solutions and how they work together\u201d.<\/p>\n

The incident was not reported because Symantec concluded that \u201cno sensitive personal data was hosted in or extracted from this demo lab, nor were Symantec\u2019s corporate network, email accounts, products or solutions compromised\u201d.<\/p>\n

The hacker extracted a list of purported clients of Symantec\u2019s CloudSOC services, account managers and account numbers \u2013 but Symantec insists data contained in the system were \u201cdummy e-mails and a small number of low-level and non-sensitive files for demonstration purposes<\/em>\u201d in a demo lab \u201cnot used for production purposes\u201d.<\/p>\n

Sign up to receive the top stories from Guardian Australia every morning<\/a><\/p>\n

The list of purported clients includes the Australian federal police, the big four banks, insurers, universities, retailers and departments in the New South Wales and federal public service.<\/p>\n

\u201cThis is an old list of some of the largest public and private entities in Australia \u2013 it was in the environment for testing purposes,\u201d a Symantec spokeswoman said. \u201cThese entities are not necessarily Symantec customers, nor do we necessarily host services for them.\u201d<\/p>\n

Several federal departments, including infrastructure, industry, human services and finance, confirmed that they do not use Symantec\u2019s CloudSOC services and do not store information with Symantec. But Guardian Australia understands that others queried the \u201cminor\u201d breach with Symantec because they are customers.<\/p>\n

The Department of Social Services said it \u201cuses Symantec products including CloudSOC, in line with Australian Cyber Security Centre best practice\u201d.<\/p>\n

\u201cThe product in question is not used by the department to store customer, or sensitive information.\u201d<\/p>\n

In a statement the Department of Infrastructure, Transport, Cities and Regional Development noted the department name referenced in the list was \u201cdiscontinued in 2013\u201d.<\/p>\n

\u201cWe have received no notice from Symantec regarding this matter, but we will make contact in relation to their continued use, if any, of our department name.\u201d<\/p>\n