CCleaner, a popular utility for cleaning files and Windows Registry entries, has confirmed a data breach in which attackers gained access to customer data. Users on both Windows and CCleaner forums shared emails from the software company notifying them of the breach.
CCleaner reported that the breach resulted from the MOVEit Transfer bug, which allowed attackers to exfiltrate some data, including low-risk employee information and select customer data such as names, email addresses, and phone numbers. In response, CCleaner is offering affected individuals complimentary dark web monitoring services. The incident raises concerns because of CCleaner’s previous security issues, including a 2017 compromise that had the potential to impact millions of devices.
CCleaner, developed by Piriform Software and owned by cybersecurity company Avast, is a widely used utility with over 2.5 billion downloads and more than five million desktop installations. In 2017, CCleaner was compromised by a backdoor-installing trojan horse, which had the potential to grant attackers access to numerous devices. It is believed that the primary targets of that attack included tech companies like Samsung, Sony, Asus, and others.
Earlier this year, the Cl0p ransomware cartel exploited a zero-day vulnerability in the MOVEit Transfer software, allowing them to access and download data from the compromised systems. Researchers at Emsisoft estimate that over 2,500 organizations, mainly in the US, and over 66 million individuals have been impacted by MOVEit attacks attributed to this Russia-linked ransomware cartel. According to IBM’s estimate, which values the cost of an average data breach at $165 per leaked record, the cumulative impact of Cl0p attacks amounts to a substantial $10.7 billion, highlighting the financial ramifications of such cybersecurity incidents.