The company behind the popular optimization app CCleaner has stated that hackers stole a significant amount of personal information from its paying customers after a data breach in May.
In an email sent to customers, Gen Digital, the multinational software company that owns CCleaner, Avast, NortonLifeLock, and Avira brands, revealed that the hackers exploited a vulnerability in the widely used MOVEit file transfer tool. This tool is employed by numerous organizations, including CCleaner, to transfer large sets of sensitive data online.
CCleaner Reports That Hackers Took Users’ Personal Data in the MOVEit Mass Hack
The email informed customers that the hackers obtained names, contact details, and information regarding the purchased products.
Gen Digital spokesperson Jess Monney confirmed that customer phone numbers, email addresses, and billing addresses were impacted by the breach. Monney mentioned that less than 2% of users were affected but refrained from specifying the exact number of affected users.
Millions of people worldwide use CCleaner. Gen Digital hasn’t disclosed the exact number of paid CCleaner users but claims to have approximately 65 million paid customers across its cybersecurity portfolio, including CCleaner.
It’s unclear why CCleaner took several months to inform affected customers about the incident.
Unprecedented MOVEit File Transfer Tool Hacking: A Clop Ransomware Epidemic
The mass hacking of MOVEit file transfer tools started in May and quickly became the year’s largest hack in terms of the number of victims. An unprecedented vulnerability allowed the notorious Clop ransomware to steal sensitive data from thousands of organizations using these internet-connected systems. Researchers monitoring the mass hacks report that over 2,500 organizations have confirmed MOVEit-related data breaches since May, affecting at least 66 million individuals, although the actual number of affected people is likely much higher.
Clop has not yet added CCleaner to its dark web leak site, which ransomware gangs use to force companies into paying a ransom by publishing stolen files if the hackers’ demands aren’t met.
An earlier listing for Norton LifeLock, another Gen Digital brand, appeared on August 14. A Gen Digital spokesperson stated that the incident only affected the personal information of its employees and contractors, assuring that no customer or partner data got exposed.
In 2017, hackers compromised CCleaner by implanting malware in the software to spy on over two million users. The toolmaker revealed that the hackers specifically targeted prominent tech companies and telecom giants.
Check These Out
- 7 Tips on Protecting Your Bank Accounts from Hackers
- Best Laptops for Hacking – Hacking Laptop Requirements
- Send & Schedule Mass Email – How To Send And Schedule A Mass Email On Gmail
- Best tools and utilities software – Top tools and utility software
- Sony Interactive Entertainment Confirms Security Breaches on its Servers