MOVEit Data Breach and Avast Customers

[jj44]

I received an email today about Avast customer data being leaked on the dark web. In the email, Avast recommends signing up for an additional paid service: "As a valued customer, we would like to offer you BreachGuard for additional dark web monitoring, free of charge, for 6 months. BreachGuard helps monitor for data breaches, personal information on the dark web, and can give you access to privacy resources as applicable in your region. We will send details of how to install BreachGuard in the coming days, so please keep an eye out for those instructions, which we will send to this email address."

Despite the 6 month free period, I find it a bit shameless that Avast is admitting that its customers' names and contact information have been leaked on the dark web, which is ultimately a failure on Avast's part, as Avast takes on the responsibility of handling our data. So, we ought to sign up for another paid service in order to monitor the dark web for the information which should have secured in the first place. Paying customers should pay MORE for the privilege of what should be basic customer protection.

Further, when I used Avast Hack Check to see whether my email address has been leaked online, it reassured me that my email has not been leaked online. The MOVEit data breach email said that my contact information and name has been leaked online, but Avast's own leak program contradicts that, so now I'm confused about what data of mine is out in the world.

Does anyone know what Avast is doing about this data breach, beyond promoting BreachGuard?

[Tushar3]

Rightly said. Why should the breach guard be only for 6 months ? Is it that after 6 months the "so called leaked data" would get erased ?

Considering that the data leak has happened at Avast's end, they should compensate us by giving license of Breachguard for the balance contracted period (i.e. till such time that I am Avast Customer - at least this point) and if renewed to get Breachguard renewed as a part of the software renewed.

[Adz]

I also recieved that warning email.
I already have breachguard as part of my package, it's mostly prompting you to be aware, and dark web monitoring, which I think you can get free a handful of ways.
Much more worrying to me is ANY weakness of Avast protection, the dangers of that cannot be over estimated. I know Avast got bought out not so long ago & I have been dreading the services efficiency going down, the previous owners always seemed well motivated to be the best & have watertight protection.

[Myles45]

I am another recipient of this email from Avast & was now looking at the forum for some sort of confirmation on what it's actually all about??

I agree that it appears to be touting for future business in a rather underhand way!! Firstly they admitted to a breach of their security which allowed MY data out into the dark web (it also appears to have taken them the best part of a year to discover this!!!) & then, because I am such a "valued customer" they are "offering" me the use of their Breachguard product free of charge for 6 months!!!

How incredibly generous of them don't you think?? Do you suppose that after the initial 6 months it will still be free??  I think not!

This appears to be a shameless marketing ploy based on scare tactics!!

I would like to hear back from anyone at Avast here in the forum to answer what appears to be a growing number of questions about this product & also the lack of security that originally allowed the breach to occur.

[jj44]

Rightly said. Why should the breach guard be only for 6 months ? Is it that after 6 months the "so called leaked data" would get erased ?

Considering that the data leak has happened at Avast's end, they should compensate us by giving license of Breachguard for the balance contracted period (i.e. till such time that I am Avast Customer - at least this point) and if renewed to get Breachguard renewed as a part of the software renewed.

I'm really glad others share my concerns. Beyond how shameless this marketing tactic is, six months is such a transparently arbitrary timeframe. (Maybe that's just what's most financially convenient for Avast?) And with regard to when leaked data might be erased, my big question is even IF such data might be erased, or even CAN be. All the Avast email says is, "some limited personal information of yours was exposed on the dark web", but doesn't detail exactly what steps they have taken. They say that they "acted immediately to protect our systems and investigate the potential impact", but all the email describes is an investigation, not the protection part. If the protection part of the response is that users need to sign up for an additional paid service, that reflects pretty bloody poorly on Avast... Enough that it makes me reconsider being a customer of theirs. Sure, breaches happen, but this response is just... so inadequate, in the face of a privacy breach like this.

[jj44]

I also recieved that warning email.
I already have breachguard as part of my package, it's mostly prompting you to be aware, and dark web monitoring, which I think you can get free a handful of ways.
Much more worrying to me is ANY weakness of Avast protection, the dangers of that cannot be over estimated. I know Avast got bought out not so long ago & I have been dreading the services efficiency going down, the previous owners always seemed well motivated to be the best & have watertight protection.

If you received the email too, does that mean BreachGuard was ineffective in doing its job and keeping your data secure? That really makes me doubt that BreachGuard is a good solution, as proposed in Avast's email. Doesn't sound like it guards against breaches at all...

I'm genuinely curious: Has BreachGuard at all alerted you to the compromising of your data via the MOVEit vulnerability? Were you aware of this before you received the email? Surely users should've been, if the software does what it says on the tin...

[jj44]

I am another recipient of this email from Avast & was now looking at the forum for some sort of confirmation on what it's actually all about??

I agree that it appears to be touting for future business in a rather underhand way!! Firstly they admitted to a breach of their security which allowed MY data out into the dark web (it also appears to have taken them the best part of a year to discover this!!!) & then, because I am such a "valued customer" they are "offering" me the use of their Breachguard product free of charge for 6 months!!!

How incredibly generous of them don't you think?? Do you suppose that after the initial 6 months it will still be free??  I think not!

This appears to be a shameless marketing ploy based on scare tactics!!

I would like to hear back from anyone at Avast here in the forum to answer what appears to be a growing number of questions about this product & also the lack of security that originally allowed the breach to occur.

Seconded. I'm really glad folks here are as frustrated and confused as I am. Given Adz reports receiving this email saying their data was leaked on the dark web, but they ALREADY had BreachGuard, I'm really starting to doubt the robustness of Avast's software. I would also really like someone from Avast to engage. I even contacted them directly to ask about the leak of my data, but they haven't responded.

[Tushar3]

I have a point or two to make here.

1) As said by Adz they own Breachguard.     Agreed.        But the data leak appears to have happened at the Avast end.        So Adz's Breachguard can guard him for any intrusion that possibly can occur using his leaked credentials. Hope I have understood the situation correctly.

2) It is more than 24 hours that this post is here on the forum but there are no replies from Avast themselves.

3) There is NO dedicated e-mail for Customer support on this major issue. We cant keep answering questions on the web page and move further till we might reach a dead end.

[jj44]

I have a point or two to make here.

1) As said by Adz they own Breachguard.     Agreed.        But the data leak appears to have happened at the Avast end.        So Adz's Breachguard can guard him for any intrusion that possibly can occur using his leaked credentials. Hope I have understood the situation correctly.

2) It is more than 24 hours that this post is here on the forum but there are no replies from Avast themselves.

3) There is NO dedicated e-mail for Customer support on this major issue. We cant keep answering questions on the web page and move further till we might reach a dead end.

Who knows when Avast might swoop in and take customer concerns seriously. Fingers crossed it'll be soon! I've contacted Avast separately too, and have received no response.

Yeah, BreachGuard is advertised as being able to "monitor for data breaches 24/7" and "scan the dark web for info breaches". So it should've caught the MOVEit breach and informed all relevant BreachGuard users that their data had been leaked on the dark web. Otherwise it clearly failed. It doesn't matter where your data is plucked from, BreachGuard should be capable of detecting when your data is out there.

[Lano]

Seems a phishing scam according to Ccleaner Forums: https://community.ccleaner.com/topic/65717-moveit-vulnerability/

[bob3160]

@jj44
"I received an email today about Avast customer data being leaked on the dark web"
Can you post an image of that email?

[jj44]

@jj44
"I received an email today about Avast customer data being leaked on the dark web"
Can you post an image of that email?

I've attached the screenshots. The email came from the same email address as all other Avast communications have.

[jj44]

Seems a phishing scam according to Ccleaner Forums: https://community.ccleaner.com/topic/65717-moveit-vulnerability/

That CCleaner forum seems unsure about the state of things, too. All the more reason for Avast to step up and actually engage, tbh. At this point I have no clue what's going on and whether our data is actually safe.

[Ognjen3]

Hi Everyone, We’re reaching out to help address some of the questions here. First, we can confirm that the email you received was valid and not a phishing scam. As part of the MOVEit incident, some customer information, such as name, email address and phone number, was impacted. Our systems are secure and operational, and the cause of this was addressed immediately when the MOVEit incident was discovered. While this information is not considered high risk, we take the safety of our customers extremely seriously. The best way to protect yourself is being vigilant against any potential phishing threats using this. Should you have questions related to your personal account, you can always reach out to our support team. You can also find more information about the Progress Software MOVEit vulnerability here.

[jj44]

Hi Everyone, We’re reaching out to help address some of the questions here. First, we can confirm that the email you received was valid and not a phishing scam. As part of the MOVEit incident, some customer information, such as name, email address and phone number, was impacted. Our systems are secure and operational, and the cause of this was addressed immediately when the MOVEit incident was discovered. While this information is not considered high risk, we take the safety of our customers extremely seriously. Being vigilant against any potential phishing threats using this information is the best way to protect yourself. As an additional means to support those impacted, we are offering dark web monitoring free of charge for six months. For more information about the Progress Software MOVEit vulnerability, you can see here. And should you have questions related to your personal account, you can always reach out to our support team.

Thank you for responding. I have reached out to the Avast support team twice and had no response. I have asked what specific information of mine has been leaked, and nobody has gotten back to me.

I understand that being vigilant against phishing scams is the best way to protect ourselves going forward, but regarding the information which has already been released (name, phone number, and email address), what is Avast doing to get our information back? Do we need to accept that our names, email addresses, and phone numbers will simply remain on the dark web?