Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Antivirus Firm Emsisoft Discloses Data Breach

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs.

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs.

The issue, Emsisoft said, was a misconfiguration that resulted in a database from a test system becoming exposed to the Internet. The database was initially exposed on January 18, 2021, and remained so until the data breach was identified, on February 3.

The affected system was used for evaluation and benchmarking of the storage and management of log data generated from Emsisoft products and services.

Emsisoft said it immediately took the system offline and launched an investigation into the matter. As a result, it discovered that the only personal information in the database involved 14 email addresses from 7 different organizations.

The affected system, along with several others, was set up for the evaluation of storage options for log and event data, and was seeded with log records from production. One of the databases was made accessible to unauthorized third parties, and at least one “individual accessed some or all of the data contained within that database.”

“The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar,” Emsisoft said.

The 14 customer email addresses that were stored in the database, the antivirus firm said, were included in the scan logs because malicious emails were detected in the users’ email clients.

According to Emsisoft, the attack was automated and not specifically targeted at the company.

Advertisement. Scroll to continue reading.

“Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database. However, due to technical limitations it’s impossible to determine exactly which data rows were accessed,” the antivirus provider revealed.

Emsisoft said the exposed system did not provide access to production systems or databases and that the affected users were notified of the incident. The company also noted that it took additional security measures to ensure similar incidents won’t happen.

Related: Web Developer Hub SitePoint Discloses Data Breach

Related: Airbus CyberSecurity Subsidiary Stormshield Discloses Data Breach

Related: Embedded Software Developer Wind River Discloses Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...