Avast forum hack results in user passwords being compromised

Free anti-virus software maker confirms forum data breach has resulted in users' login details being leaked

Password and username box

The online forum of free anti-virus vendor Avast has been hacked, resulting in the usernames, hashed passwords and email addresses of its members being compromised.

The company, who is renowned for its free anti-virus tools, confirmed the breach in a blog post yesterday, and has taken the forum offline while it investigates the circumstances that led to the breach occurring.

No payment or financial data was lifted during the breach, Avast has confirmed, and less than 0.2 per cent of the 200 million people who use its anti-virus tools are thought to be affected.

In the post, Vince Steckler, CEO of Avast, urges users that use the same login details to access other sites to change them immediately.

"If you use the same password and user names to log into any other sites, please change those passwords," the post states.

"Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work."

The vendor said it plans to use the forum's downtime to migrate it to a new location, as well as beef up its security and performance.

"We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure," the post reads.

"The forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe the attack just occurred and we detected essentially immediately."

News of the Avast breach comes nearly a week after online auction giant eBay suffered a data breach that resulted in hundreds of millions of its users' passwords being compromised.

The company has since come under fire for not warning users early enough about the breach, after it revealed it first found out about it several weeks ago.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Sopra Steria confirms it was hit by new Ryuk ransomware variant
Security

Sopra Steria confirms it was hit by new Ryuk ransomware variant

26 Oct 2020
Google fixes zero-day flaw in Chrome and Chrome OS
bugs

Google fixes zero-day flaw in Chrome and Chrome OS

23 Oct 2020
Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020

Most Popular

Microsoft CEO warns of video call fatigue
video conferencing

Microsoft CEO warns of video call fatigue

7 Oct 2020
How Liberty navigated a site relaunch during a pandemic
Sponsored

How Liberty navigated a site relaunch during a pandemic

8 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020