It happened again as security software provider AVAST fell victim to hackers as they attacked the company’s forum over the weekend and all user names, nicknames, email addresses and passwords ended up compromised.
Vince Steckler, chief executive AVAST Software, confirmed the attack and said the company decided to take the forum offline in order to continue work on resetting all user passwords in order to keep everyone protected.
Users will have to set new passwords when they log back in, Steckler explained, and everyone should change their passwords in case they’re using it on some other websites as well.
“If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work,” Steckler said.
AVAST claims only the forum suffered compromise and the attackers did not gain access to any other information, which means financial details or payment information remains safe.
“This issue only affects our community-support forum. Less than 0.2 percent of our 200 million users were affected. No payment, license, or financial systems or other data was compromised,” Steckler said.
As far as the stolen passwords go, the security vendor said they hashed them, but an experienced thief could still decrypt them and thus gain access to user accounts. That’s why everyone will have to set a new password when the forums are back online.
AVAST said it doesn’t have any details right now as to how the attackers managed to break into the forums, but added the new version, which will be soon online, will have a new platform that provides enhanced stability and security.
“We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately,” the company said.