Symantec has been scrambling to address a security breach from 2006 that revealed some of its source code, and now it is addressing concerns over how it originally handled the incident. At issue is whether or not the company should have realized back in 2006 that its source code had been stolen.
Symantec originally said that the stolen code only concerned four and five-year-old versions of some business-centric software, and since then the company admitted that corporate users of the company's pcAnywhere remote-access software should stop use of the program to minimize the possibility of a cyberattack. While the software vulnerabilities appear to be handled, some of the company's statements have made it sound like it was aware of the incident back in 2006 — and opted to cover it up.
According to Symantec, that wasn't the case. A spokesperson has told Wired that "we knew there was an incident in 2006, but it was inconclusive at the time as to whether or not actual code was taken." While the company can't explain why it didn't realize the full extent of the data breach at first, the spokesman said it confirmed that the source code was stolen by working through the company's logs.