Data Breach Summary
InsecureWeb, a security company dedicated to scanning the dark web for security breaches, has discovered that Avast.com, a website that offers computer security solutions, including antivirus and malware protection, has suffered a data breach.
On April 16, 2023, the breach was posted on the Telegram channel #@leakdatabreaches by an unknown individual. The breach compromised a significant amount of data, approximately 56.8 MB, including user email addresses, usernames, passwords, and other personal information.
Where and How?
InsecureWeb’s team of experts traced the security breach to #@leakdatabreaches, a Telegram channel known for posting data breaches and selling compromised information. The breach occurred due to a vulnerability in Avast.com’s security system, which allowed the hackers to gain access to the user database.
A Screenshot of the data can be found below:
Company Data Breach History
This is not the first time that Avast.com has suffered a security breach. In 2019, the company’s internal network was breached, resulting in the theft of personal information of its users. The company has since then implemented various security measures to prevent similar incidents from happening in the future.
InsecureWeb takes data breaches seriously and has notified Avast.com of the breach. Our team is working together with the company to investigate the incident further and prevent similar incidents from occurring in the future. We urge all users of Avast.com to change their passwords immediately and monitor their accounts for any suspicious activity.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.