Late Tuesday night, at least 35 public facing websites belonging to Panda Security were hacked and defaced by the LulzSec and Anonymous hacking groups. The defacement also posted multiple usernames and passwords associated with Panda Security employees.
For its part, Panda Security has publicly claimed that the attack did not breach their internal security or their source code. They also claim that no customer data was accessed. The breached sites were hosted by an external web hosting provider.
At this early stage, the precise mechanisms by which the Panda Security sites were exploited remains publicly undisclosed. That said, there are a number of good practices that security experts recommend to help mitigate risks. According to WhiteHat Security CTO and Founder, Jeremiah Grossman, these types of attacks are painfully common.
“The Panda Security breach is yet another reminder that no one is safe from breaches, not even security companies,” Grossman told InternetNews.com. “As has been suggested in the community, we really need more organizations sharing the details of their incident response investigation. Only then can we learn what controls are working, or not, and improve our industry’s outcomes.”
Graham Cluley, senior technology consultant at security vendor Sophos, noted that while it’s unclear as to how Panda’s sites were exploited, there are some rules that businesses can use to help protect themselves.
“Many businesses try to use the net to promote their brands and for marketing operations, but they should be cautious that they don’t race to put new webpages in place without proper thought around security,” Cluley told InternetNews.com. “Let’s not forget that Panda is the victim here – the ones who really did wrong are the criminal Anonymous hackers who defaced the firm’s sites and spread untruths about Panda’s software being interfered with.”