Czech anti-virus vendor Avast has taken its forum offline after it was hacked this weekend, with user names and hashed passwords compromised.
According to a post by CEO Vince Steckler, user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. He said that once the forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.
He said: “This issue only affects our community-support forum. Less than 0.2 per cent of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.
“We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.”
Steckler said the company was aware of the seriousness of the attack and compromise, and said he regretted the “concern and inconvenience it causes you”, but he reiterated that this is an isolated third-party system and sensitive data remains secure.
Security analyst Graham Cluley said it should be a concern that data was leaked. “Details of the algorithm used by Avast to secure the hashed passwords aren’t revealed in the blog post, but clearly the firm is concerned that a determined attacker could crack some of the credentials – opening the possibility for victims to find other online accounts are compromised if they have been using the same passwords elsewhere on the web,” he said.
“In fairness, Avast are far from the first security company to have suffered at the hands of internet attackers. My guess is that they won’t be the last either. Rival security companies would be wise not to feel too smug about Avast’s misfortune – but instead look closely at their own systems to determine if any of them might be slacking on security.”