Hi Everyone, We’re reaching out to help address some of the questions here. First, we can confirm that the email you received was valid and not a phishing scam. As part of the MOVEit incident, some customer information, such as name, email address and phone number, was impacted. Our systems are secure and operational, and the cause of this was addressed immediately when the MOVEit incident was discovered. While this information is not considered high risk, we take the safety of our customers extremely seriously. Being vigilant against any potential phishing threats using this information is the best way to protect yourself. As an additional means to support those impacted, we are offering dark web monitoring free of charge for six months. For more information about the Progress Software MOVEit vulnerability, you can see here. And should you have questions related to your personal account, you can always reach out to our support team.
Thank you for responding. I have reached out to the Avast support team twice and had no response. I have asked what specific information of mine has been leaked, and nobody has gotten back to me.
I understand that being vigilant against phishing scams is the best way to protect ourselves going forward, but regarding the information which has already been released (name, phone number, and email address), what is Avast doing to get our information back? Do we need to accept that our names, email addresses, and phone numbers will simply remain on the dark web?
There is no getting back information harvested by hackers in a breach.
That's why you received this notification so that you can take precautions and know this information is now on the dark web.
When there is a vulnerability in a software or system, etc your information which was allowed to be harvested by this vulnerability is now available and you need to know this. The email simply informed you of the facts.
It isn't and wasn't a sales pitch but a notification.
Thanks for informing me of that, re: the inability to get data back. I'm a layman so I don't know these things, which is why I've been trying to ask questions and get some answers. I would still like to know what information of mine, specifically, has been compromised. So hopefully the Avast support team will respond and tell me, if they can. If they can't, I'd like to understand why that's impossible to know.
I get what you're saying, that this isn't a sales pitch. But what about people who can't afford an additional piece of software? Once the 6 month free trial is finished, will those people have to just accept that their data is on the dark web and they can do nothing about it? I mean, will the compromised data magically disappear after 6 months?
Avast is responsible for our data, and they ultimately bear responsibility for that data being compromised. That's why the solution of asking people to pay for an additional service feels off, to me personally... and to a few other folks, evidently. If the personal information that we disclosed to Avast will be indefinitely exposed on the dark web, Avast's solution needs to be indefinite too.
I'm also really curious whether Avast users, who are also BreachGuard users, were informed that their data had been compromised. If the software works, they should've been aware long before the email was sent out. If not, that makes me doubt the appropriateness of BreachGuard as a solution to this problem.