10 February 2021

Antivirus service vendor Emsisoft discloses data breach


Antivirus firm Emsisoft disclosed a data breach on one of its test systems used to evaluate and benchmark possible solutions relating to the storage and management of the log data generated by the company’s products and services.

Emsisoft said that upon discovering the breach it immediately took the affected system offline and launched an investigation. The probe revealed that the cause was a configuration error that left one of the databases from a test system exposed on the internet. The affected database was accessible to unauthorized third parties from January 18th 2021 to February 3rd 2021 and was accessed at least once.

“The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar. However, as part of the investigation, we noticed that 14 customer email addresses were part of the scan logs due to detections of malicious emails stored in the users’ email clients,” Emsisoft said.

The company added that this was an automated attack, which did not specifically target Emsisoft.

“Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database,” the company said.

Emsisoft said it has already notified the affected customers of the data breach and put multiple new policies in place to prevent any similar incidents.

Earlier this month, France-based cybersecurity firm Stormshield disclosed a security incident in which malicious actors gained unauthorized access to a technical portal used by customers and partners to manage tech support tickets related to the company’s products. The intruders may have gained access to “personal data and technical exchanges” associated with a number of customer accounts.
