I received an email today about Avast customer data being leaked on the dark web. In the email, Avast recommends signing up for an additional paid service: "As a valued customer, we would like to offer you BreachGuard for additional dark web monitoring, free of charge, for 6 months. BreachGuard helps monitor for data breaches, personal information on the dark web, and can give you access to privacy resources as applicable in your region. We will send details of how to install BreachGuard in the coming days, so please keep an eye out for those instructions, which we will send to this email address."
Despite the 6 month free period, I find it a bit shameless that Avast is admitting that its customers' names and contact information have been leaked on the dark web, which is ultimately a failure on Avast's part, as Avast takes on the responsibility of handling our data. So, we ought to sign up for another paid service in order to monitor the dark web for the information which should have secured in the first place. Paying customers should pay MORE for the privilege of what should be basic customer protection.
Further, when I used Avast Hack Check to see whether my email address has been leaked online, it reassured me that my email has not been leaked online. The MOVEit data breach email said that my contact information and name has been leaked online, but Avast's own leak program contradicts that, so now I'm confused about what data of mine is out in the world.
Does anyone know what Avast is doing about this data breach, beyond promoting BreachGuard?