Emsisoft antivirus company was hacked; customer data leaked

A severe configuration error in the systems of cybersecurity company Emsisoft has resulted in a breach of sensitive data. Christian Mairoll, co-founder and manager of the company, confirmed the leak in a statement on February 3.

The security report signed by Mairoll notes that a database storing records generated by the company’s products and services remained accessible to unauthorized third parties from January 18 to February 3 of this year: “This incident should not have occurred under normal conditions,” Mairoll added.

“The characteristics of the incident suggest that this is an automated attack not specifically targeted against our systems. Our traffic logs indicate that the perpetrators only accessed certain segments of the affected database,” Mairoll adds. However, the manager also mentioned that at the moment it is impossible to know what information the attackers accessed.

Upon detecting the attack, the company began implementing security measures, including disconnecting the compromised system and starting a forensic analysis of the incident. After the investigation, Emsisoft’s security teams concluded that at least 14 email addresses associated with seven different business customers were compromised: “As part of the investigation, we found that 14 of our customers’ email addresses were part of the scan logs due to the detection of malicious emails stored on users’ customers.”

The stolen information consists of technical records produced by endpoint protection software during normal use. These records do not contain personal information such as hashed passwords, usernames, billing information, addresses, or any similar data, the company added.

Customers whose email addresses were compromised have already been notified by the company, which also issued a public apology for the incident. Emsisoft undertook to conduct all necessary security tests to verify that its systems are completely safe from any intrusions in the future: “We want to assure you that we fully understand the importance of our role in safeguarding your information and online security, we will continue to work every day to regain your trust,” concluded the company’s founder.
