Avast Forum User Info Compromised

[REDACTED]

I just got the following from my Identity Monitoring service. Everyone might want to change their forum passwords:



Compromised Email Address

Monitored Element Email Addresses:   XXXXXXXXX****@gmail.com
Date Found:   10/11/2016
We monitor online activity to identify the potential illegal trading and selling of your personal information. Unfortunately, we found a match which indicates the information within the red box above is available online. If your password was also compromised, that will be noted in the "Additional Info" section below. Please note, this is the password associated with the site where your email address was procured.

If the “potential site” information is populated, we obtained credible evidence that this is the possible site from which your email address and password, if applicable, were found and we recommend you change your password for this site.

If the "potential site" is not named, you should consider what sites you have associated with the “Monitored Element Email Addresses” and consider changing your password on those sites..

For example, if you set up an account with madeupwebsite.com (fictitious site for this example), you provided your email address to this site and established a password for this site; that password should be changed. See additional comments under “Here's what to do:”, below.
Additional Info

The following data was found compromised with your email address.
Email XXXXXXXXX*@GMAIL.COM
Password ****************************************
Potential Site FORUM.AVAST.COM
Here's what to do:

Immediately change the password for the website if identified above. Consider changing passwords for websites or online accounts which may be associated with this email address.
If the password is not identified above, that does not necessarily indicate your password is safe. Passwords might not be visible to our monitoring due to encryption or otherwise, yet they could be procured and encryption cracked by parties obtaining information from the dark web.
Utilize smart password habits. Re-using passwords across multiple sources may increase your vulnerability to identity thieves. Create unique and strong passwords for your accounts using a mix of special characters, numbers and upper and lower case letters known only to you.

[Pondus]

Avast Forum User Info Compromised

26 May 2014 > https://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/

[HonzaZ]

I am not aware of any security breach. Was your password mentioned in the email? (in other words, was it you who asterisk'd the password in the text you pasted?) Are there any links in the email?

[REDACTED]

The asterisks were in the email, I did not put them in. There are no links in the email. I have been registered in the forum since 2009, so it is possible that my info was part of the 2014 breach mentioned in the post previous to yours and not a new one.

[kls490]

Good morning,

I also received today a nearly identical notification from CSID - the entity contracted by the Fed's Office of Personnel Management to monitor mine and some 18 million other current/former Federal employees for suspicious activity, since the massive hacking incident occurred.

The alert specifically referenced my email account used to log-in to the Avast! Forums, and the Avast! Forums as the potential source of the compromise.  (Screenshot of alert attached below).

Although, I have changed the password on the email account in question, I see no way to change my Avast! username to a different email account.  There also seem to be problems in changing my Avast! Forum account password as well.  (I did send an PM to chocolo earlier, but have yet to receive a reply).



Best regards,

[Eddy]

If you want to change the password, you need to change your avast account password. > https://my.avast.com

As for the mail, make sure it is from CSID (check the headers).
If it is, it looks like someone there made a mistake.
Either that, or they are more than 2 years late with the warning   

[REDACTED]

My notification was also from an entity contracted by OPM , in my case I have been given an account with MyIDCare.

[merckxist]

+1
But from a different service provider, ARAG Identity Theft Protection. Same premise, email/password for Avast forum being offered. Perhaps just a new attempt to mine the old breach, but I changed the pw anyway. The old one was unique to the forum, but don't want to get banned for someone else's rant. 

[REDACTED]

Received the same notification from CSID.

Haven't used the forum in years.

Hopefully not a new compromise.

[Eddy]

No new compromise.
They are just using a old database.
Probably because it turned up somewhere again on "the dark web".
And without thinking/checking they send the mails. 

[Vlk]

I can confirm that we aren't aware of any security incident on the Avast forum, besides the one from May 2014 already referenced in the previous posts.

Thanks
Vlk

[kls490]

Much obliged for the follow-up confirmation, Eddy & Vlk! 

Cheers!

[Asyn]

I can confirm that we aren't aware of any security incident on the Avast forum, besides the one from May 2014 already referenced in the previous posts.

Thanks Ondrej, good to know. Cheers.