Avast Anti Virus Forum hacked, Login Credentials of 400,000 users compromised

6
                               
Antivirus firm Avast  has today confirmed that it took its Community support forum offline  following a data breach which may have affected log in ids and passwords of more than 400,000 users.
Avast Forum hacked, Login Credentials of 400,000 users Compromised

Company’s CEO Vincent Steckler today stated in a blog post that user’s nicknames, user names, email addresses and hashed passwords were compromised in a attack on Avast Forum which took place over this past weekend. Steckler also noted in the same blog, that although the passwords are hashed but  it could be possible for a sophisticated thief / progammer to derive these passwords.

Avast Forum hacked, Login Credentials of 400,000 users Compromised

Avast claims that this attack seems to have affected less than 0.2% of a total of 200 million users of the forum.  It also claimed that no financial details like payment, license terms or other data was compromised.

The Forum (forum.avast.com) has since been taken offline and is being rebuilt and moved to a more secure platform. Avast has already informed all the affected parties via email asking them to immediately change their passwords.  Users may also change their other passwords like Facebook, gmail and other emails, banking etc. if its the same as the Avast forum account

Once the forum is back online, effected users will be asked to reset their password while trying to logging in with the old password.

The company said the Forum was hosted on a third-party Software platform.  This third party software may have been the weak link in the defences of the forum which was most probably the attackers took advantage of.   It is not understood how a big AV and security firm could rely on third party software for such important website without ample security considerations.

About Author

CEO and Founder Of 'Techworm'. Cyber Security Analyst, Information Security Researcher, And Social Media Promoter.

                               

6 Comments

    • Protip: having a website hacked has nothing to do with the effectiveness of there antivirus program.

  1. Forum logins are completely different to account details etc., which presumably they are more careful with. They probably thought the same, &#39;only the forum&#39;, which isnt great but not drastic. <br /><br />And if peeps use the same pass for forums and banking they&#39;re the foolest of fools!<br /><br />Doesn&#39;t stop me using Avast or recommending it at all.

Leave A Reply