We noticed you're blocking ads.

Keep supporting great journalism by turning off your ad blocker.

Questions about why you are seeing this? Contact us

Font Size

- Aa +

Fri 20 Feb 2009 12:00 AM

Font Size

- Aa +

Symantec hit by hack attack on website

Ethical hacker uses SQL vulnerability to gain access to company database through EMEA site

The website of security specialists Symantec was hacked into recently by a Romanian ethical hacking group known as HackersBlog.

Taking advantage of a SQL injection vulnerability in a section of Symantec’s EMEA site, the hacker was able to gain unauthorised access to the company database.

“The irony of the situation is that it’s done on https , on a login page , a page that promotes security products like Norton AntiVirus 2009 and Norton Internet SECURITY,” the hacker, going by the name of unu, revealed.

Unu has decided not to release any further details in order to give the prominent security software provider time to patch the vulnerability.

Symantec has since issued a statement to confirm that no company or customer information was exposed, stating that: "It appears that the individual who reported it based the report on an error message. Symantec has addressed this issue and the web page is back up and running."

The attack is the latest in a series of successful hack-and-shame attempts by HackersBlog members on prominent security vendors, including Kaspersky, F-Secure and BitDefender.

Kaspersky went on record a few days ago to confirm that the data breach on its US website last week did not expose any customer information.

Arabian Business digital magazine: read the latest edition online

For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.