Security Experts:

Connect with us

Hi, what are you looking for?



Antivirus Firm Emsisoft Discloses Data Breach

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs.

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs.

The issue, Emsisoft said, was a misconfiguration that resulted in a database from a test system becoming exposed to the Internet. The database was initially exposed on January 18, 2021, and remained so until the data breach was identified, on February 3.

The affected system was used for evaluation and benchmarking of the storage and management of log data generated from Emsisoft products and services.

Emsisoft said it immediately took the system offline and launched an investigation into the matter. As a result, it discovered that the only personal information in the database involved 14 email addresses from 7 different organizations.

The affected system, along with several others, was set up for the evaluation of storage options for log and event data, and was seeded with log records from production. One of the databases was made accessible to unauthorized third parties, and at least one “individual accessed some or all of the data contained within that database.”

“The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar,” Emsisoft said.

The 14 customer email addresses that were stored in the database, the antivirus firm said, were included in the scan logs because malicious emails were detected in the users’ email clients.

According to Emsisoft, the attack was automated and not specifically targeted at the company.

“Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database. However, due to technical limitations it’s impossible to determine exactly which data rows were accessed,” the antivirus provider revealed.

Emsisoft said the exposed system did not provide access to production systems or databases and that the affected users were notified of the incident. The company also noted that it took additional security measures to ensure similar incidents won’t happen.

Related: Web Developer Hub SitePoint Discloses Data Breach

Related: Airbus CyberSecurity Subsidiary Stormshield Discloses Data Breach

Related: Embedded Software Developer Wind River Discloses Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.