HTP Hackers Claim Symantec Breach
Hundreds of names, e-mail addresses and hashed passwords were published online.
Hacker group Hacker the Planet, or HTP, today claimed to have breached Symantec's Web site.
"The Symantec hack allegedly resulted in the leak of email addresses and other personal data from hundreds of security researchers," writes The Register's John Leyden. "Hackers claimed to have exploited a zero-day bug in the ZPanel portal software used by Symantec to pull off the hack. A Symantec spokeswoman said that the security firm was investigating: 'Our first priority is to make sure that any customer information remains protected. We are investigating these claims and have no further information to provide at this time.'"
"The leaked data includes information the hackers claim to have copied from a Symantec database, including the names, email addresses and hashed passwords of hundreds of users," writes TechHive's Lucian Constantin. "Many of the email addresses are on the @symantec.com domain. 'Saved by your WAF [web application firewall]? You wish,' the hackers said. 'All the other major AV corps are owned too, yours just pissed us off the most. Oh, and if you think we're listing everything here, take the blue pill.'"
"The hackers imply that they used a vulnerability in the open source control panel ZPanel to get access to the Symantec site," The H Security reports.
"According to the Twitter account @doxbin, the Symantec hack was not carried out by Anonymous, but by ... Hack the Planet (HTP)," writes PCMag.com's Chloe Albanesius. "'Anon didn't do Symantec. HTP is not affiliated with Anonymous. Do some basic fact checking,' doxbin tweeted at a reporter today."