May 2014 Avast Forum Breach

Avast Free Antivirus / Premium Security
1

Why wasn’t I notified by Avast that my email address and password was breached on May 2014. I went to a website that checked to see if my email was in any breaches. One turned up on Avast Forum in May 2014. Here is a copy of the results:

Breaches you were pwned in
A “breach” is an incident where a site’s data has been illegally accessed by hackers and then released publicly. Review the types of data that were compromised (email addresses, passwords, credit cards etc.) and take appropriate action, such as changing passwords.

Avast logo
Avast: In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed. The Simple Machines Based forum included usernames, emails and password hashes.

Compromised data: Email addresses, Passwords, Usernames

Why wasn’t I notified about the breach and my email being stolen?

2

https://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/

3

Did you understand the question, Pondus???
The OP asked “Why wasn’t I notified about the breach and my email being stolen?” not about a link .

4

As far as I remember, they did notify users via e-mail as well as message on top of the forum.

5

Confirmed.

6

Yes i did. and i cant not remember if i got a mail or not

Since it seemed like this was new to him i gave him link to the official blog post

7

After it happened, avast did (out of the top of my head):

  • Send a email
  • Posted it on their blog
  • Changed the way users have to login here

Users could also have know about it through many websites and other media.

8

Here’s the message from the email i received on May 27nd 2014:

Dear DJBone,

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

All the best,

Ondrej Vlcek
COO AVAST Software

DJBone