Categories: SecurityWorkspace

Avast Closes Forum As Security Company Hacked

Anti-virus provider Avast has admitted to a breach of its forum website, which has exposed certain user data.

User nicknames, usernames, email addresses and hashed passwords were compromised in the attack. Avast has not yet determined how the hacker got access to the site’s database.

Avast breached

Where users have the same password for the Avast forum as other sites, they’ve been advised to change those credentials. Once the forum is back online, users will be asked to change their password.

“Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords,” said Vince Steckler, CEO of Avast (pictured).

“This issue only affects our community-support forum. Less than 0.2 percent of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.

“We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure… we do believe that the attack just occurred and we detected it essentially immediately.”

As in the eBay breach of last week, only the password was protected with a hash, whilst other data was not encrypted. The auction giant faced criticism not just for its slow response in getting warning emails out to customers, but for not wrapping protection around other user data, such as addresses.

Avast has been targeted before. In October 2013, pro-Palestinian hackers tried to breach its website security, but their efforts were blocked.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

  • I like Avast and it's anti virus software is pretty top notch, but I have to say that it's just a little bit ironic that a security company that sells anti-viruses and anti-malware software finds itself the victim of a hack. The important thing is that they learn from this and are making positive steps to rectify this by moving to a more "secure" platform. Thankfully the sensitive data remains secure.

Recent Posts

Apple Delays Staff Mandate For Three Days A Week In Office – Report

Tech giant blames rising Covid cases as it again pushes back return to office deadline,…

7 mins ago

Tesla Bluetooth Locks Can Be Hacked, Warns NCC Group

Digital locks, including those fitted to Tesla vehicles, are vulnerable to being unlocked via an…

3 hours ago

Twitter Board To ‘Enforce’ Elon Musk Merger Agreement

Legal action ahead? Elon Musk's takeover agreement of Twitter will be enforced says board of…

4 hours ago

Silicon UK In Focus Podcast: Is Your Business Ready for Frontend-as-a-Service?

How could FaaS revolutionise E-commerce? And how can businesses embrace this technology to connect with…

5 hours ago

Uber Eats Offers Two Robo-Delivery Services In California

Uber Eats offers food delivery using Motional autonomous cars in Santa Monica and sidewalk robot…

23 hours ago

Russia ‘Not Planning To Block YouTube’ Says Minister

Digital minister says Russia not planning to block YouTube in the country as Russian users…

1 day ago