Antivirus provider Avast! has disclosed that their online discussions forums have been compromised and taken offline temporarily after the exposure of a limited number of user names, email addresses and hashed passwords.
“The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords,” wrote Vince Steckler, CEO AVAST Software.
Even thought the compromised login credentials were encrypted and hashed, the company is wisely advising users that if they use the same password and user name from their Avast! account to log into any other accounts on other platforms that they change those passwords immediately due to the exposure.
“Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work. This issue only affects our community-support forum. Less than 0.2% of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.”
The company said they are now rebuilding the entire forum platform using different software than was used on the compromised site, and that the new forums will be “faster and more secure” than before.
“This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately,” Steckler said.
“We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.”
Read More Here…