In a recent revelation, CCleaner, the widely used optimization application, confirmed that hackers successfully breached their systems in May. The breach, which has remained undisclosed until now, affected the personal information of a portion of their paid customers. Gen Digital, the multinational software company that owns CCleaner, Avast, Norton LifeLock, and Avira, sent out an email to their customers, shedding light on this alarming data breach.
The breach is linked to the exploitation of a vulnerability in the MOVEit file transfer tool, which is widely used by organizations, including CCleaner, to transfer large sets of sensitive data over the internet securely. The hackers compromised the MOVEit tool, gaining access to a trove of personal data.
The stolen information includes the names, contact details, and information about the products purchased by CCleaner’s customers. Jess Monney, a spokesperson for Gen Digital, has confirmed that the breach exposed customer phone numbers, email addresses, and billing addresses. However, Monney noted that less than 2% of users were affected by this incident but did not provide a specific number of affected users.
While Gen Digital boasts approximately 65 million paid customers across its cybersecurity portfolio, it remains uncertain how many of these are CCleaner users. This raises concerns about the scope and scale of the breach, as CCleaner is used by millions of people around the world.
One question that lingers is why it took several months for CCleaner to disclose this breach to their affected customers. This delay may be a cause for worry, given the sensitive nature of the compromised information.
The mass-hacking of MOVEit file transfer tools, which began in May, is already being regarded as one of the most substantial hacks of the year. It’s noted for the sheer number of victims affected. A previously unseen vulnerability allowed the notorious Clop ransomware to steal sensitive data from thousands of organizations that relied on these internet-connected systems. Researchers tracking these mass hacks have identified over 2,500 organizations that confirmed MOVEit-related data breaches since May, impacting at least 66 million individuals. The actual number of affected individuals is likely even higher.
Notably, Clop ransomware has yet to list CCleaner on its dark web leak site. This is significant, as ransomware gangs often use this platform to extort companies by publishing stolen files if their ransom demands are not met.
This isn’t the first time CCleaner has faced a security incident. In 2017, the application was compromised when hackers planted malware within the software to spy on more than two million users. It was revealed that the hackers had specifically targeted high-profile tech companies and telecom giants.
This incident serves as a stark reminder of the ever-evolving threat landscape in the digital age. It highlights the critical need for organizations to remain vigilant, promptly address vulnerabilities, and communicate with affected users in a timely and transparent manner. The fallout from this breach, both for CCleaner and the broader cybersecurity community, remains to be seen.