Symantec, the security giant that sells security products such as Norton anti-virus, looks to have been the victim of a hacker, who used inside information from the company to make more than $1 million on the stock market in early January, according to a lawsuit filed yesterday by government regulators. How did Symantec get owned?

Symantec has good company. Real Networks, CACI (government I.T. contractor best known for its role in the Abu Ghraib scandal), BJ’s Wholesale Club, and 8 other publicly traded companies all seem to have been targets of Blue Bottle Limited, a firm incorporated in Hong Kong by its owner Matthew Stokes, according to the lawsuit (.pdf) filed by the Securities and Exchange Commission.

Stokes managed to get inside information ahead of press releases about good or bad earning from publicly listed companies, and then made upwards of $2.7 million, since January 1, buying or shorting the stocks before the news was made public, according to the complaint. He made $291,000 buying Real Networks shorts on Valentines Day (shorting is a tactic where you make money when share prices go down).

On January 16, Blue Bottle made $1,030,471 from shorting Symantec’s stock when Symantec announced its revenues would be lower.

The SEC alleges that that Blue Bottle “employed devices, schemes or artifices to defraud, which may include, but may not be limited to, hacking into computer networks or otherwise improperly obtaining electronic access to systems that contained material non-public information about material news releases, and traded on the bais of such non-public information.”

Real Networks spokesman Bill Hankes said the company learned about the allegations yesterday and is “aggressively working with the SEC.” Hankes also emphasized that the SEC lawsuit didn’t specify how Blue Bottle allegedly acquired the information: “There are any number of possibilities” and that it’s not clear that it is a “computer-based assault.”

I’d love to try to figure out how this happened, but have only a few ideas at this point.

Assuming that the SEC is right, how did this person get access to this information ahead of time?

Seems there’s a couple of ways:

1) attack the companies directly

2) get the information from press releases ahead of time, either from a PR firm or from a press release news service

I’m guessing not 1, only because the list of companies is a bit odd - a mix of industries and company sizes. Here’s the full list:

• Achillon Pharmaceuticals, Inc. NASDAQ ACHN
• AllianceBerstein Holding NYSE AB
• Allscripts Healthcare Solutions NASDAQ MDRX
• BJ’s Wholesale Club NYSE BJ
• Brady Corporation NYSE BRC
• CACI International NYSE CAI
• LeCroy Corporation NASDAQ LCRY
• Millipore Corporation NYSE MIL
• Odyssey Healthcare NASDAQ ODSY
• Symanttec NASDAQ SYMC
• RealNetworks NASDAQ RNWK

Is a company like Business Wire or PRNewsWire the likely target?