Antivirus firm Emsisoft disclosed a data breach on one of its test systems used to evaluate and benchmark possible solutions relating to the storage and management of the log data generated by the company’s products and services.
Emsisoft said that upon discovering the breach it immediately took the affected system offline and launched an investigation into the matter. The probe revealed that the cause of the issue was a configuration error due to which one of the databases from a test system became exposed on the internet. The affected database was accessible to unauthorized third parties from January 18th 2021 to February 3rd 2021 and was accessed at least once.
“The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar. However, as part of the investigation, we noticed that 14 customer email addresses were part of the scan logs due to detections of malicious emails stored in the users’ email clients,” Emsisoft said.
The company added that this was an automated attack, which not specifically targeted Emsisoft.
“Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database,” the company said.
Emsisoft said it has already notified the affected customers of the data breach and put multiple new policies in place to prevent any similar incidents.
Earlier this month, France-based cybersecurity firm Stormshield disclosed a security incident, in which malicious actors gained an unauthorized access to a technical portal used by customers and partners to manage tech support tickets related to the company’s products. The intruders may have gained access to “personal data and technical exchanges” associated with a number of customer accounts