Home / / Symantec denies recent hack claim

Symantec denies recent hack claim

Says ethical hacker based report on error message and that there was no security vulnerability involved

Symantec has hit back on claims that its EMEA site was the recent target of a successful hack attack, stating that there was no security vulnerability involved.

As soon as the news broke, Symantec took down the site and conducted its own tests to determine that the “individual who reported it based the report on an error message”.

The company added that no company or customer information was exposed in the incident.

In response to the ethical hacker’s claims that he used a blind SQL injection to access the security vendor’s database, Symantec posted a note on the HackersBlog site to state that: “Upon thorough investigation, we have determined that the Blind SQL Injection is, in fact, not effective. The difference in response between valid and injected queries exists because of inconsistent exception handling routine for language options.”

In a generous move, Symantec thanked the hacker, identified only as unu, for notifying them about the issue.

HackersBlog, in response, stated that they “appreciate and support this type of response from a company, more so a vendor! This could help other organisation see and understand that the best way to approach things is by open communication and dialog.”

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.