CCleaner, a widely-used software for cleaning files and Windows Registry entries, has officially acknowledged that unauthorized individuals gained access to some of its customer data. Reports began to emerge on Windows and CCleaner forums where users shared emails they had received from the software provider, notifying them of a recent security breach.
CCleaner disclosed that it fell victim to the MOVEit Transfer vulnerability, which allowed attackers to exfiltrate certain customer data. One of the forum users shared a message they received, stating, "We recently discovered that as a customer of CCleaner, some limited personal information of yours was exposed on the dark web."
However, when a user inquired about the authenticity of these emails on the software community forum, an administrator promptly clarified that the email was legitimate, dismissing it as a scam.
The company eventually confirmed that it had indeed sent out notifications to affected individuals. According to the company, the breach impacted low-risk employee data, as well as some customer data. CCleaner will be offering complimentary dark web monitoring services to those affected.
In 2017, CCleaner experienced a security breach involving a trojan horse that installed a backdoor. This breach potentially put millions of devices at risk through the software's compromised backdoor.
Researchers speculate that the primary targets of the attack were technology companies, including Samsung, Sony, Asus, and others. Earlier this year, the Cl0p ransomware cartel exploited a zero-day vulnerability in MOVEit Transfer software, enabling them to access and retrieve data stored within it.
Emsisoft researchers explain MOVEit attacks by the Russia-linked ransomware cartel have affected over 2,500 organizations, primarily in the United States, and impacted over 66 million individuals.
By IBM's estimate, which places the cost of an average data breach at $165 per leaked record, the cumulative impact of Cl0p attacks is staggering, reaching approximately $10.7 billion.
In recent days, there have been numerous, other noteworthy breaches:
- Seiko watches: The Japanese watchmaker Seiko announced that it had been hit by a ransomware attack where hackers stole 60,000 personal data records, including names, addresses, and phone numbers. Seiko is still investigating the incident and has not yet released any information about how the hackers gained access to its systems.
- MCNA Insurance: The US health insurance company MCNA Insurance announced that it had been hit by a data breach. The hackers stole the personal information of 8.9 million people, including Social Security numbers, dates of birth, and health insurance information. MCNA Insurance is working with law enforcement to investigate the incident.
- NCB Management: The US property management company NCB Management announced that it had been hit by a cyberattack. The hackers stole the personal information of almost 1 million people, including names, addresses, Social Security numbers, and driver's license numbers. NCB Management is working with law enforcement to investigate the incident.
In addition to these high-profile attacks, there have been a number of other hacks in the last few weeks. For example, the US biotech company 23andMe announced that it had been hit by a data breach. The hackers stole the genetic data of some customers, including information about their ancestry and health history.
These attacks are a reminder that no organization is immune to hacking. Businesses and individuals need to be vigilant and take steps to protect their data. Some of the best ways to protect yourself from hacking include using strong passwords, enabling two-factor authentication, and keeping your software up to date.
In a hybrid work world, an effective balance between flexibility, productivity, and robust cybersecurity measures is crucial. Without it, businesses face a ticking time bomb of security threats. As businesses continue to navigate the challenges of the hybrid work model, partnership with a skilled MSP is no longer a luxury but a necessity to stay secure and in business. Protecting yourself is getting tougher but must be done to keep your business or government agency, school, state, city, etc. running. Ask the Hybrid Work Experts at Apex Technology Services about how they can help your organization stay secure.