Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Monday, 17 June 2019 08:55

Symantec hid breach of demo system for four months: report

Symantec hid breach of demo system for four months: report Image by ibrahim abed from Pixabay

American cyber security behemoth Symantec suffered a breach of its systems in February but kept quiet about it even though passwords and a list of companies said to be its clients were stolen by an attacker.

The Guardian reported that its staffer, Paul Karp, had seen the list which included a large number of Australian Federal departments. The attacker was the same one who had contacted the newspaper and claimed to have Medicare data for sale on the dark web.

Symantec has played down the incident, telling The Guardian that the system involved was "an isolated self-enclosed demo lab in Australia" not connected to its corporate network.

But don't security companies secure such labs even if they are, as the company put it, "used to demonstrate" security solutions and how they work together? Or are they left open to world+dog?

How many other breaches of this kind have taken place at Symantec and gone unreported? We only know about this incident because Karp got wind of it. Four months have gone by since it occurred, so it looks like Symantec was resorting to an old Microsoft recipe: security through obscurity.

symantec homepage

A screenshot of part of the Symantec homepage.

The company told The Guardian that the incident in question was not reported because it had concluded "no sensitive personal data was hosted in or extracted from this demo lab, nor were Symantec’s corporate network, email accounts, products or solutions compromised".

Whether the files within that system were dummy data or not, the only systems that are left open on the Internet are play servers where the person who sets them up wants them to be breached in order to collect data for a study. Another category of system known as a honeypot is often left with some ports purposely open so that it is attacked, once again for the purpose of study.

Rather than trying to whitewash the incident now, Symantec should have made proper disclosure at the time and said everything that it is now being forced to say.

It is a bad look for a company that claims to have "the strongest cyber defence platform powered by the world’s largest and most dynamic civilian threat intelligence network".


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments