- Feb 7, 2014
- 1,540
BitDefender, a much-respected anti-virus firm, has leaked a portion of its customers’ usernames and passwords after facing an extortion attempt by a hacker, going by the name DetoxRansome.
The perpetrator told FORBES all the data he stole was unencrypted. Usernames and passwords seen by your reporter were in plain text and would have been difficult to crack if previously encrypted, given the quality of the passwords. Law enforcement have been called in and an investigation is underway.
The Romanian security company said in an emailed statement it found a potential security issue with a server and determined a single application was targeted – a component of its public cloud offering. The attack did not penetrate the server, but “a vulnerability potentially enabled exposure of a few user accounts and passwords”. The attack leaked a “very limited” number of usernames and passwords, representing “less than one per cent of our SMB customers”, the spokesperson said.
“The issue was immediately resolved and, additional security measures were put in place in order to prevent it from reoccurring. As an extra precaution, a password reset notice was sent to all potentially affected customers,” the spokesperson added. “This does not affect our consumer or enterprise customers. Our investigation revealed no other server or services were impacted.” You can read the rest here at= http://www.forbes.com/sites/thomasbrewster/2015/07/31/bitdefender-hacked/
The perpetrator told FORBES all the data he stole was unencrypted. Usernames and passwords seen by your reporter were in plain text and would have been difficult to crack if previously encrypted, given the quality of the passwords. Law enforcement have been called in and an investigation is underway.
The Romanian security company said in an emailed statement it found a potential security issue with a server and determined a single application was targeted – a component of its public cloud offering. The attack did not penetrate the server, but “a vulnerability potentially enabled exposure of a few user accounts and passwords”. The attack leaked a “very limited” number of usernames and passwords, representing “less than one per cent of our SMB customers”, the spokesperson said.
“The issue was immediately resolved and, additional security measures were put in place in order to prevent it from reoccurring. As an extra precaution, a password reset notice was sent to all potentially affected customers,” the spokesperson added. “This does not affect our consumer or enterprise customers. Our investigation revealed no other server or services were impacted.” You can read the rest here at= http://www.forbes.com/sites/thomasbrewster/2015/07/31/bitdefender-hacked/