IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Symantec: 2006 hack leaked source code

The security giant publicly discloses a breach of its network - almost six years after it took place.

Symantec

Symantec has backtracked on how source code relating to its products was leaked, revealing its own network was hacked in 2006.

The revelation came after hacktivist group Anonymous claimed it was going to release the full source code of Symantec's flagship Norton anti-virus software.

The security giant said it believed the data acquired by hackers came after a hack in 2006, although it could not confirm to IT Pro how the break-in took place.

Symantec customers - including those running Norton products - should not be in any increased danger of cyber attacks.

Earlier this month, Symantec confirmed some source code relating to older enterprise products had been stolen. At the time, it claimed Norton products were unaffected and its own network had not been breached.

Hackers calling themselves The Lords of Dharmaraja threatened to publish the information online, saying they acquired the information from the Indian military.

From the 2006 hack, affected products include old versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack) and its remote access software solution pcAnywhere.

Symantec Endpoint Protection (SEP) 11.0 and Symantec AntiVirus 10.2 inherited a very small amount of exposed code, the company said. There are no indications customers data has been stolen, it added.

"Due to the age of the exposed source code, except as specifically noted below, Symantec customers - including those running Norton products - should not be in any increased danger of cyber attacks resulting from this incident," a spokesperson said.

"Customers of Symantec's pcAnywhere product may face a slightly increased security risk as a result of this exposure if they do not follow general best practices. Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information. Since 2006, Symantec has instituted a number of policies and procedures to prevent a similar incident from occurring."

Symantec said businesses do not need to take any additional steps to protect themselves as a result of the hack. The company recommended customers ensure their software is up to date.

For any IT departments still concerned about the source code leak, Symantec has set up an advice page here.

Symantec did not disclose the 2006 hack publicly at the time, meaning it has taken between five and six years for the breach for the security firm to reveal what happened, or that the company did not know source code had gone missing back then.

RSA was heavily criticised for not immediately publicly disclosing a breach last year, when information relating to its SecurID product was compromised.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Anonymous hijacks Russian broadcasts with footage of Ukraine war
hacking

Anonymous hijacks Russian broadcasts with footage of Ukraine war

7 Mar 2022
WatchGuard Firebox M290 review: Stiff security at a great price
unified threat management (UTM)

WatchGuard Firebox M290 review: Stiff security at a great price

23 Feb 2022
Sophos XGS 3300 review: Xstream firewall performance
Security

Sophos XGS 3300 review: Xstream firewall performance

7 Jan 2022
Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box
Security

Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

18 Nov 2021

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022