Bitdefender Hacked -- Customer Passwords Not Encrypted!

[Michael McAllister]

Yet another well-known company, Bitdefender, has been compromised.  The breach uncovered that customer passwords were not encrypted.  Oops!  The Hacker News reports the company "admitted its system was breached and said that the attack on its system didn’t penetrate the server, but a security hole "potentially enabled exposure of a few user accounts and passwords", which could be the SQL injection vulnerability."  The perpetrator wanted just $15,000 for the data taken.

 

http://thehackernews.com/2015/07/bitdefender-hacked.html?m=1

http://www.forbes.com/sites/thomasbrewster/2015/07/31/bitdefender-hacked/

http://www.theregister.co.uk/2015/07/31/bitdefender_breach/

[Arty]

i don't feel as if you need to use bitdefender anyway

Windows Defender for lyfe +MBAM

...but thats a dif story.

 

 

sucks that a defender company got hacked tho lol

[coollll068]

daym cant wait to hear about this

[SImoHayha]

Meh..........I use them. I use different passwords for both of my emails and just a really same password for everything else. But then again I don't give out my email a whole lot so yea and I use tons of fake info.

[Nineshadow]

affecting less than 1% of their costumers

 

 

 

 

Still, facepalm*

I use Bitdefender.

[Nowak]

A security company that... didn't have encrypted customer passwords...

 

You'd think that Bitdefender, being a security company, would have something basic like that.

[Guest]

[Guest]

This is going to be a huge pain in the ass for them. They've just spent millions on a push into the APAC market for their enterprise protection from training to demo resources to have this come up. They've got a userbase as well of approximately 500 million users too.

[Nineshadow]

A security company that... didn't have encrypted customer passwords...

 

You'd think that Bitdefender, being a security company, would have something basic like that.

They aren't exactly a cybersecurity company.

 

They make anti-virus and anti-spyware solutions, and that didn't help them in stopping the breach. Is it stupid that they didn't encrypt the users' passwords? Totally.

[dalekphalm]

They aren't exactly a cybersecurity company.

 

They make anti-virus and anti-spyware solutions, and that didn't help them in stopping the breach. Is it stupid that they didn't encrypt the users' passwords? Totally.

Just because they are seemingly incompetent doesn't mean they aren't a Cybersecurity company... That's like saying a Dodge Neon isn't a car just because it's a shitty one.

[jaggysnake57]

lolololololololololololololololololool

 

 

 

that is all

[zMeul]

never recommended BitDefender's products; and guess where I'm from  :lol:

[linuxfan66]

I don't know about the long term affect on the company though

[qwertywarrior]

can someone explain why dont these big companies ever hash their passwords ?

[NightMiu]

can someone explain why dont these big companies ever hash their passwords ?

Money.

[FroggyTaco]

can someone explain why dont these big companies ever hash their passwords ?

 

Because nobody believes they will get hacked. Think about every victim interviewed regardless of the crime & they all say "I never thought this would happen to me, this town/community, etc....