you're reading...

Ashampoo on the Compromised list too

The software manufacturer Ashampoo also made a disclosure to all it’s customers regarding a data theft.
In this case the information revealed is only primary contact information, no billing information as the company states it does not store credit cards or other billing information.
That is good news and they are to be commended for that.
They do think that attempts at phishing using the stolen data have been made and that a distribution of malware was also attempted.

Although confirmation was raised on the 20/Apr/2011, immediately after PSN went down, the attack took place sometime before this. Ashampoo state that they are working with German law enforcement to trace the attack but think this unlikely as the attack was distributed and sourced from a non-German location. This work with law enforcement delayed the announcement.

Ashampoo Statement

– Posted using BlogPress

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.


One thought on “Ashampoo on the Compromised list too

  1. I requested information about whether passwords were hashed or encrypted and received this reply:
    At the moment this still is an ongoing investigation. We can neither definitely assume that all address data are affected, nor can we definitely say that these are not affected.
    However, passwords are stored encrypted in our database, but it cannot be ruled out that these fell into the hands of strangers. On the given website we will let you know about new insights and we will post new information. We will keep you informed there and ask for your understanding.

    So we know the paswords were encrypted, which is good, but the salting would now be important.

    Posted by harlekwinblog | 2011/05/06, 10:59 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: