It has come to light that the popular PC optimization app CCleaner has been compromised by hackers following a massive data breach associated with the MOVEit service. According to the company, there was no breach of sensitive data that could be compromised.
There has been a massive amount of discussions going on on some of the CCleaner and Windows forums recently about a recent security breach that the company informed users about.
A vulnerability was exploited by the hackers in the widely used MOVEit file transfer tool, which is used by thousands of organizations, including CCleaner, as a means to move large sets of sensitive data over the internet to obtain more information.
Consequently, the hacker was able to gain access to the names and contact information of CCleaner's customers, as well as information about the products they had purchased.
The software community forum claimed that one of the forum's admins responded that this was a scam email and that users should ignore it after a user inquired if CCleaner did send such emails in the software community forum.
Several people contacted CCleaner, and the company got back to them and confirmed that it sent out emails to those who were affected. It was revealed to Cybernews that the company had suffered a breach that affected both employee data and some low-risk customer information.
The multinational software company Gen Digital, which owns the brands of CCleaner, Avast, Norton LifeLock, and Avira, informed its customers in an email that the hackers exploited a vulnerability in their widely used file transfer tool MOVEit, which is used by thousands of organizations, including CCleaner, to transfer large amounts of sensitive data across the internet, including the MOVEit file transfer tool.
It was claimed in an email that the hackers stole names, contact information, and information regarding the purchases made by the customers.
Piriform Software, the company which developed CCleaner, is owned by cybersecurity company Avast.
Over 2.5 billion downloads of this popular utility have been made by Piriform Software, a company that has been around since 2004. CCleaner has been compromised by a backdoor-installing Trojan horse since 2017. As a result of the backdoor in the software, attackers could have gained access to millions of devices.
There has been much discussion about the target of the attack, but researchers believe that the primary targets were technology companies, including Samsung, Sony, Asus, and others. As a result of a zero-day bug in the MOVEit Transfer software earlier this year, the Clop ransomware cartel was able to access and download all data stored within the application.
There are millions of users of CCleaner around the world, but Gen Digital does not break down how many of its customers have paid for CCleaner. However, the company claims that its cybersecurity portfolio, including CCleaner, includes 65 million paid customers.
There is no clear reason for CCleaner to have delayed disclosing the incident to affected customers for several months.
Researchers at Emsisoft reported that more than 2,500 organizations, mostly in the United States, have been affected by MOVEit attacks from the Russia-linked ransomware cartel, with more than 66 million individuals affected.
The impact of Clop attacks would add up to a staggering $10.7 billion if we take IBM's estimate, based on the estimated cost of a data breach at $165 per leaked record, and multiply it by the cost of a data breach per leaked record.