Anti-Virus Provider Reports Breach
400,000 Users Affected by Attack on Community ForumPrague-based anti-virus provider Avast has taken its online users forum offline following a data breach that exposed information on 400,000 users.
See Also: OnDemand | Realities of Choosing a Response Provider
The forum was hacked over the weekend of May 24, the company says in a blog post. Exposed information includes user nicknames, user names, e-mail addresses and hashed passwords.
"Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords," says Vince Steckler, CEO of AVAST Software. "If you use the same password and user names to log into any other sites, please change those passwords immediately."
Once the forum is brought back online, all users will be required to set new passwords, Steckler says.
The company says less than 0.2 percent of its 200 million users worldwide were affected. No payment, license or financial systems was compromised, Steckler says.
"We are now rebuilding the forum and moving it to a different software platform," he says. "When it returns, it will be faster and more secure. The forum for many years has been hosted on a third-party software platform, and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.
"We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system, and your sensitive data remains secure."