Symantec is sending out notes to Road Runner Safe Storage customers, alerting them to a security incident involving WhaleMail and SwapDrive accounts.
“Recently, an unauthorized third party accessed one of our databases. As soon as we learned of the attack, we limited all access to the database and thus the vulnerability was eliminated. However, as a result of this incident, your account credentials may have been exposed,” Symantec said in the notes out to its users.
While the company reassures users their credit card numbers and social security numbers are safe, the attackers may have stolen names, email addresses, usernames, passwords, secret questions and their answer and, in some cases, billing addresses.
To prevent any incidents, the company disabled all passwords. Now, when users log into the service, they will have to utilize the “Forgot your password” feature to retrieve and reset their passwords.
Any potential victim should change passwords to all accounts that share the same credential combination.
Back in July, a group of hackers, claimed to have found several security holes in websites associated with Symantec’s SwapDrive (swapdrive.com was one of them).
They said the vulnerability allowed them to easily gain access to databases and extract user information. One of the flaws they found was a SQL Injection vulnerability, the details of which they published at the time.
In this case, attackers launched an SQL Injection attack on SwapDrive.com to penetrate their systems.
Symantec officials said they fixed the SwapDrive vulnerability discovered and published by the hackers back in July, shortly after the company learned of its existence. This means that the flaw leverage by the attackers in this case is a different one.