Author Topic: Security Monitoring Sites Report a Breach from Avast's Login Page  (Read 2609 times)

0 Members and 1 Guest are viewing this topic.

Offline Martin252

  • Newbie
  • *
  • Posts: 6
My credit and security monitoring services (Experion, TurboTax/ID Notify) are reporting that my email has shown up on the "Dark Web" and that the breach was specific to the Avast login page.  The notices coincide with my going to the site to try and make sure my av license was updated.

https://id.avast.com/sso

This URL redirects to:
https://account.avast.com/#/

What's up with that?

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48455
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #1 on: December 04, 2023, 09:01:37 PM »
My credit and security monitoring services (Experion, TurboTax/ID Notify) are reporting that my email has shown up on the "Dark Web" and that the breach was specific to the Avast login page.  The notices coincide with my going to the site to try and make sure my av license was updated.

https://id.avast.com/sso

This URL redirects to:
https://account.avast.com/#/

What's up with that?
This could be related to a breach that happened many years ago.
I've not had any recent notifications and use the same monitoring service.


Did Experian give any further details?
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Martin252

  • Newbie
  • *
  • Posts: 6
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #2 on: December 04, 2023, 11:08:48 PM »
Because it was coincident with my logging into the Avast site, I really doubt that a prior breach was the issue unless the site is compromised and capturing logins via some nefarious means installed on their server and allowing the data to be posted on the Dark Web.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48455
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #3 on: December 05, 2023, 01:15:28 AM »
Reported to Avast let's see what they have to say.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Ognjen3

  • Administrator
  • Newbie
  • ***
  • Posts: 17
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #4 on: December 11, 2023, 02:48:41 PM »
My credit and security monitoring services (Experion, TurboTax/ID Notify) are reporting that my email has shown up on the "Dark Web" and that the breach was specific to the Avast login page.  The notices coincide with my going to the site to try and make sure my av license was updated.

https://id.avast.com/sso

This URL redirects to:
https://account.avast.com/#/

What's up with that?

Hello Martin252,

Thank you for bringing this to our attention. We'd like to investigate the matter further, but we will require more information from you. Could you please get in touch with our support team using this link: https://support.avast.com/en-us/contact/paid_pc_avast-premium-security#pc

Please include the information you mentioned in this forum thread, and our support team will get back to you as soon as possible.

Thank you for taking the time to let us know about this issue.

Best regards,
Ognjen

Offline Martin252

  • Newbie
  • *
  • Posts: 6
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #5 on: December 13, 2023, 01:15:24 PM »
Thanks, Ognjen!

I'll make sure to report back here what was found.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48455
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #6 on: December 18, 2023, 01:27:31 PM »
My credit and security monitoring services (Experion, TurboTax/ID Notify) are reporting that my email has shown up on the "Dark Web" and that the breach was specific to the Avast login page.  The notices coincide with my going to the site to try and make sure my av license was updated.

https://id.avast.com/sso

This URL redirects to:
https://account.avast.com/#/

What's up with that?

Hello Martin252,

Thank you for bringing this to our attention. We'd like to investigate the matter further, but we will require more information from you. Could you please get in touch with our support team using this link: https://support.avast.com/en-us/contact/paid_pc_avast-premium-security#pc

Please include the information you mentioned in this forum thread, and our support team will get back to you as soon as possible.

Thank you for taking the time to let us know about this issue.

Best regards,
Ognjen
This is something everyone should be kept informed about. Thanks
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Martin252

  • Newbie
  • *
  • Posts: 6
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #7 on: December 27, 2023, 07:46:59 PM »
I provided the requested detail on December 16th and am waiting for a response.

Offline Martin252

  • Newbie
  • *
  • Posts: 6
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #8 on: January 21, 2024, 10:38:04 AM »
Still no response.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48455
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #9 on: January 21, 2024, 03:22:35 PM »
Still no response.
Amazing and disappointing.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Ognjen3

  • Administrator
  • Newbie
  • ***
  • Posts: 17
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #10 on: January 25, 2024, 10:03:53 AM »
Still no response.

Hi Martin. Please accept our apology for the delay; I realize it's been a while since you last wrote to us. Our team needed some time to analyze the information you sent.

I checked our records, and I see that my colleague replied to you yesterday. Could you please check your inbox?

Thank you for your patience and understanding.

Offline Martin252

  • Newbie
  • *
  • Posts: 6
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #11 on: January 26, 2024, 04:09:33 AM »
Yes.  I got a reply that makes very little sense.
<QUOTE>
Hello Martin,

I hope you’re doing well.

My name is Miroslav, and I am writing to you on behalf of Avast’s senior support team.
I realize there's been a delay in response to your query, and I'd like to apologize for that and would like to address your issue now.

We would like to respectfully clarify that our Hack Check Tool was not the root cause of your information being exposed and shared on the Dark Web.

Thank you for providing the screenshots of two notices from monitoring companies.  Our systems are secure and operational. Strong encryption is part of our multi-layer protection. When we learned of this matter, we acted immediately to protect our environment and investigate the potential impact.  We immediately investigated the scope of the issue and notified the relevant data protection regulators and those whose data may have been impacted.

If you suspect that any of your personal information may have been compromised and leaked on the Dark Web recently, it is important to take necessary precautions to protect your account. While it is possible that the source of the leak may not be Avast, we still recommend that you change your password for your Avast Account as a precautionary measure. Thank you for your attention to this matter.

Additionally, we would like to offer you a free 6-month subscription to Avast BreachGuard. This service can help monitor for your personal information on the dark web.
 
Please let us know your thoughts on this matter.

Miroslav
Avast Customer Care Team
</QUOTE>

Are your systems secure?  Or was there an incident?  It sounds like the latter.
There's only one way my info showed-up on the dark web right after logging into your site.  Your site was compromised.
If there was never any problem, why am I being offered dark web monitoring, at your expense?
All I was doing with this post is letting you know you got hacked.  Your deflection and denial is falling on deaf ears.

I do find it interesting how nothing happens until this post comes back to the top of the list because I update the status showing there is no change in status on your investigation.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48455
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Security Monitoring Sites Report a Breach from Avast's Login Page
« Reply #12 on: January 26, 2024, 11:11:50 PM »
Piriform acknowledged an incident in 2023
CCleaner said it was impacted by the MOVEit Transfer bug.
I believe that Avast also used this service and may very well be subject to the same bug.
See the following article for more information on the Piriform incident:
https://cybernews.com/news/ccleaner-confirms-data-breach/
A clarification by or from Avast would be appreciated. Thanks

Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet