San Francisco: Popular PC optimisation app CCleaner has admitted that hackers stole personal information of some of its customers following a MOVEit mass data breach. No sensitive data was compromised, said the company.
Gen Digital, the software company that owns CCleaner, Avast, NortonLifeLock and Avira brands, told customers that the hackers exploited a vulnerability in the MOVEit file transfer tool to move large sets of sensitive data over the internet, reports TechCrunch.
“We’re reaching out as some of your personal information such as name and contact information has been exposed on the dark web. We take the safety of our customers extremely seriously, and we want to be sure you are aware of the potential impact and how to best protect yourself,” CCleaner said in the email.
Earlier this year many companies were impacted by the MOVEit vulnerability.
“As a user of the software, we acted immediately to protect our systems and investigate the potential impact. We recently discovered that as a customer of Cleaner, some limited personal information of yours was exposed on the dark web,” said the company.
“The information is primarily limited to name and/or contact information, as well as information on the product you purchased from us. No banking details, credit card numbers or high-risk data such as log-in information or account details were taken,” the company added.
The company is offering ‘BreachGuard’ for additional dark web monitoring, free of charge, for 6 months.
“BreachGuard helps monitor for data breaches, personal information on the dark web, and can give you access to privacy resources as applicable in your region,” said the company.
According to a company spokesperson, less than 2 per cent of users were affected.
The mass-hacking of MOVEit file transfer tools began in May, and quickly became the biggest hack of the year.
Researchers say more than 2,500 organisations have confirmed MOVEit-related data breaches since May, amounting to at least 66 million individuals, according to the report.