User names, email addresses,nick names and passwords were compromised in this attack. The breach did not involve any financial data, license or any other data.
While the passwords are hashed(SMF forum software uses SHA-1 with a salt to store passwords) , it will not take much time for a hacker to crack the hashes. The longer the password, the harder it is to crack.
According to Avast blog post, the security breach affects less than 0.2% (about 400,000) of Avast’s 200 million users.
People who uses the same password on other websites are advised to change those passwords immediately.
Until now, their forum used an open source community software called “Simple Machines Forum(SMF)”. It appears the Avast is using an outdated version of SMF.
Avast said it is now “We are now rebuilding the forum and moving it to a different software platform” which will be secure one.
View full post on E Hacking News – Hacker News and Latest IT Security News
Other Sites You May Like: