Bitdefender was the victim of a cyber attack that exposed a very limited number of usernames and passwords. A renowned blog notes that a hacker who calls himself DetoxRansome had tried to blackmail the company, threatening to publish data about customers. Bitedefender said in a reply, that they have identified a security incident on a single server that was compromised, but this vulnerability has allowed to find accounts of a small number of users.
We have identified a potential security incident on a single server which belongs to the company. We have started an internal investigation and found that a single application was concerned – a component of the public’s cloud – which exposed a very limited number of usernames and passwords. Internal investigation revealed that server was not compromised, but a vulnerability has allowed to find a small number of accounts of users.
The incident was remedied in a short time, the company taking additional security measures to prevent recurrence of further attacks. A related notice has been sent for reset the passwords of exposed potential clients, representing less than 1% of the company’s SME portfolio. The incident did not target households or enterprise segment.
The investigation confirmed that no other server or service has not suffered. Bitdefender Security puts its customers top priority and treated with the utmost seriousness and rapidity any situation that might involve security customers.