According to a report in the Daly Mail, Yama Tough is claiming the source code comes from servers in India.
What could happen
It could well be that Symantec is right and that the code is years old. The information would have been gleaned from snippets Yama Tough has already made public.
However, if the hacker has more modern source code available then Symantec could have a problem. Essentially, handing the keys to how Symantec combats hackers to other hackers could allow them to overcome the software more easily.
And yes that paragraph said "could" - until we know exactly what's being made public it's all but impossible to say what could or couldn't happen because of this threat. What's absolutely certain is that this underlines the importance of keeping your security software up to date.