AVAST forum offline due to attack

[Pauli]

I'll give you the whole post; what this incident underlines, in my opinion, is the importance of having individual usernames in each Forum you attend, and creating passwords that are NOT names of family members or pets or such - individual passwords, too. I use Random Password Generator by Iobit, there are other similar. No need to get a headache about figuring out the password, when it can be easily achieved, like

43DDZZVVQQMMMHHDDYYYuuqqllhAAWWRIIEEaaavvllmmiidddzzvv//===(($$]

Just to mention, the above is not in use, and Google gave nill answers.

Now the post, May 27, 2014, 3.37 am:

==================================================================
"Dear xxxxxxxx,

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

All the best,

Ondrej Vlcek
COO AVAST Software"
==================================================================

For a safer Internet,

Pauli

 

[Jimbo22]

Holy crap....I use Avast but not once have I ever been to there forum. My question is; when you download and use Avast, you have to register it and to do that you have to sign up with a user name (email address in this case) and a password. I see no mention of this in your post or this article.....does this mean my email address that the AV uses is compromised as well?


http://www.pcworld.com/article/2159360/avast-takes-community-forum-offline-after-data-breach.html

 

[Pauli]

Quote: "This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised."

I would say, you're safe. No reason to panic.

But a good question, bassfisher. I mean, I didn't really think it concerned me... but, I've visited their support forum, and my email address is there . Not funny, not funny at all if I need to change it... gosh, I hate these people who puncture the wheels. Now, I need to check my situation.

 

[Pauli]

Message to Avast:

Hi.

Thanks for your notification. I know this is one of a "million" messages you get but still, as I act as a layman helper / supporter on two forums, I would like to know if there is something I should do, as I feel responsibility.

My username is unique, not in use elsewhere, as is my password, created through Random Password Generator of Iobit.

I trust you understand that, under the circumstances, I give no further info. You already have it all.

Very pleased and happy with Avast,

Pauli xxxxxxxxxxxxxxxxxxxx
Helsinki, Finland

 

[Jimbo22]

Let's see what happens.

BTW...I had a look at your link for "Gordon Banks"....nice clip. I never knew.

 

[Joe S]

The site is still down. It seems like more and more sites are getting hacked lately.
Joe

 

[Pauli]

Quite so. I'm rather new with computers, I've only had a personal Internet connection for six years or so, but I've never received any warnings / alerts from my bank or other service providers - but now, in about 45 days, I've got them from my bank, the Finnish Postal Office, and now from Avast. Not all are down, but phishing seems to be a new hype.

I've always held the view that the virus attacks we've had are [actually] a children's play, and the true attack is lurking, somewhere. Not painting it black, I have no need for that. But to be awake is very important, and I would exhort everyone to urge XP users to go up with their system. It may, after all, not be a mere coincidence if attacks have increased after XP support was ended?

==========================================================================

Nothing to do with this, but I was promoted, out of respect I'll change my Avatar, for a month or so. After that I'll go back to my Joe Kidd hat. Or perhaps I get a nice picture concerning fishing - not PHishing, that is.

==========================================================================

@ bassfisher: Gordon Banks is a legend. He was unfortunate to have a car accident in 1972, where he lost the sight in his one eye. Despite that, he made a carrier in USA. Then he's been active in Stoke City FC, manager level. Great guy, my honor would be to shake hands! He was the man to inspire me to become a goalkeeper! --- Well, I never made it far, but some success...

 

[Joe S]

They are still down!
Joe

 

[Pauli]

Almost a week gone, doesn't sound very good. How much atrocities can one malworker produce in a week, in these days?

Reminds me of Minolta, a distinguished camera / objective producer, who in early 70's introduced one bad series of lenses --- resulted in all professional photographers to skip the brand. If you can't trust them, can you trust 'em?

I've actually had some problems, stalls and windows appearing in DOS style = plain text, text in various formats, no pics. I'm not really worried about Avast, I trust they make it - and give one who hasn't had problems - but I do think their communication could be better. Not taking care of customers equals loosing customers.

 

[Joe S]

It's still down! 2 weeks is a long time I wonder if they gave up on it? You would think they would update the notice. Their fanboys must be going nuts. You know the ones who always comment but rarely contribute anything useful.
Joe

 

[Pauli]

Yeah, it's still down. The AV and other functions seems to be working, but their ability to manage problems is, perhaps, questionable? I start to wonder if a program that lies down for two weeks, can be relied on?

Post to Avast:

Avast Forum has been offline for two weeks now. And no new information has been given, not about how severe the situation is, or how customers should react - we do have a responsibility towards the whole community.

I find my Avast functioning, with some difficulties, but... okay.

Customer number xxxxxxxxxx, 268 days left, unless you answer in 10 days, I consider it gone, and demand my money back.

Make it work?

Couldn't make it work, because my email was out, my username was out, and my password was out.

Everything seems to be out. Because of some hoodlums, I have to do everything anew? Don't know. Annoying, to say the least.

It finally got through, https://feedback.avast.com/responses/site-down_2

Just getting psssssssssd, no offense to any- or everyone who want to assist or help.

 

[Joe S]

It's finally back online. I had to use my email address to sign in and reset the password. It sure took them long enough!
Joe

 

[Pauli]

It sure took them long enough!Joe

It sure did. Must have been some mess, eh? What I hope is that, in future events, they would give more information. To give a feeling of safety, somehow: