Bitdefender Suffers Data Breach, Customer Records Stolen

Uploaded on 2015-08-25 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

screen-shot-2015-08-03-at-10-28-31.png

screen-shot-2015-08-03-at-10-28-31.png


Bitdefender  an Internet security software company originated in Romania, has become the latest cybersecurity firm to be targeted by hackers.

A cyber attacker has been able to extract customer login credentials for Bitdefender clients. An individual dubbed DetoxRansome extolled the data breach on Twitter over the weekend, taking responsibility for the attack and posting a message saying: "Guess what guys Bitdefender has been toppled by yours truly."
DetoxRansome has also demanded $15,000 from Bitdefender, threatening the leak of a customer database online unless the ransom demand is accepted.

The hacker latest released login credentials for two Bitdefender employees and one customer as proof of the corporate data theft.

In a blog post, security researchers Travis Doering and Dan McPeake say the hacker was willing to sell Bitdefender data including "access to all usernames and passwords persistently to their (Bitdefender) flagship products." The cyber attacker then posted a sample of some of the stolen data, including plain text username and matching passwords for over 250 accounts, which the company confirmed as accounts in active use.
Bitdefender admitted a security breach has taken place, but insisted that "less than one percent" of its small to medium-sized businesses were affected -- and no consumer or enterprise clients will suffer due to the data breach.
The attack occurred through a "security issue with a single server," according to Bitdefender.
A single application exposed a "very limited number" of customer login credentials through public cloud services. The vulnerability did not allow for database penetration; rather, "a vulnerability potentially enabled exposure of a few user accounts and passwords," Bitdefender says.
Bitdefender has not given in to the hacker's demands and is currently working with law enforcement to investigate the issue. A Bitdefender spokesperson told The Register:
"The issue was immediately resolved and additional security measures were put in place in order to prevent it from reoccurring. As an extra precaution, a password reset, notice was sent to all potentially affected customers. Our investigation revealed no other server or services were impacted. Bitdefender takes security of its customers very seriously and any issue that might involve the security of our customers or the security of our servers is treated with the utmost urgency and seriousness."

In June, cybersecurity firm Kaspersky Lab became the victim of a cyberattack deemed "almost invisible" and extremely difficult to detect. The company believes the attack was carried out by the same group that was behind the 2011 Duqu attack, and was likely state-sponsored.
ZDNet: http://zd.net/1IGGBeB

 

« Cyber Attacks on the Power Grid
Legal Issues Of Cyber War Are Big & Complex »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SSL247

SSL247

SSL247 is Europe's leading Web Security Consultancy Firm. We enjoy long-standing partnerships with Certificate Authorities including Symantec, GlobalSign, Entrust Datacard, Comodo, Thales and Qualys.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

LRQA

LRQA

LRQA is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Pointsharp

Pointsharp

Pointsharp delivers software and services that help organizations secure data, identities, and access in a user-friendly way.

Sprocket Security

Sprocket Security

Sprocket Security protects your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.

Adaptiva

Adaptiva

Adaptiva, the autonomous endpoint management company, delivers the fastest way to patch and manage endpoints at scale.

Atumcell

Atumcell

Atumcell’s targeted risk assessment exposes emerging threats before they cause harm.

IdentifAI

IdentifAI

At identifAI, we develop cutting-edge AI solutions to combat the growing threats of deepfakes and fakenews.