Jump to content
Piriform Community Forums
ishan_rulz

Ashampoo Hacked, name and e-mail address stolen

Recommended Posts

Dear Ashampoo customer,

 

We in the Ashampoo group take data privacy protection very seriously. Therefore we constantly strive to guarantee the maximum possible safety for our technical systems.

Like many other companies we are targeted by organizations of hackers that try to break into IT systems in order to steal data. Unfortunately, one of our security systems fell victim to such an attack recently. An unauthorized access to one of our servers took place. However, subsidiary companies of the Ashampoo group are not affected by this incident.

What happened?

 

Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately. At the same time we reported this incident to the police. Further investigations are underway. Unfortunately, the traces of the well-concealed hackers currently disperse abroad. That is why the expenditure of the German law enforcement agency was significantly increased and the clearing up has become more difficult.

Which data were stolen?

 

The stolen pieces of information are data of addresses such as name and e-mail address. Billing information (e.g. credit card information or banking information) is definitely not affected, because our shop service contractors are concerned with this data and it is not stored on our system.

What are the hackers doing with the stolen information?

 

Among other things hackers try to use the vulnerabilities in mail server systems of other companies in order to send alleged order confirmations in their name. The company PurelyGadgets has for example announced on Facebook that their servers were used to send bogus confirmations of orders.

[update (21.04.2011): According to the latest findings and in contrast to previously announced by PureleyGadets on Facebook, the servers of PurelyGadgets were not compromised, but the company name has been used for sending fictitious confirmations of orders.]

The e-mails contain a manipulated PDF document in the attachments that apparently uses security vulnerability in order to load malicious code as soon as one tries to open the PDF. .....

 

http://www.ashampoo.com/en/usd/dth

Share this post


Link to post
Share on other sites

This sort of thing is common now, servers get hacked.

 

Good thing is no credit card or billing info was compromised, and they let folk know as soon as possible.

Share this post


Link to post
Share on other sites

Much ado about databases being breached recently. Just shows how little protection (maybe not, since these hacks are complicated, but still) is between your personal information and criminals. Scary :(

Share this post


Link to post
Share on other sites

Much ado about databases being breached recently. Just shows how little protection (maybe not, since these hacks are complicated, but still) is between your personal information and criminals. Scary :(

 

In the old days they just went through your trash. Smelly but not complicated. :lol:

Share this post


Link to post
Share on other sites

was this only on us-servers happens or also on german "home"servers?

 

i have many ashampoo-tools, as winoptimizer ;-)

 

a question in these context:

 

why find winoptimizer and ccleaner different things in registry and crap-files (i dont know, how in english correct is)

 

both are meaning, they are "safe"...?

Share this post


Link to post
Share on other sites

Hi trium.

 

Different things are found in the registry by different programs simply based upon what a particular programs developers decide what is safe to remove and what isn't, and depending upon how deep the developers decide they want to scan.

 

Some registry cleaners will find hundreds more entries than a program like CCleaner, and some of those extra entries will more than likely not be invalid and should be left alone.

 

I can't comment on Winoptimizer as I've never used it, but I'm sure there are members on here who have.

 

I would say that there is always a risk cleaning the registry, so it's of paramount importance that you follow CCleaners dialogue each time and make a back up of the entries removed.

Share this post


Link to post
Share on other sites

In the old days they just went through your trash. Smelly but not complicated. :lol:

 

True, but at least you didn't have to throw away your sensitive information :o

Share this post


Link to post
Share on other sites

In the old days they just went through your trash. Smelly but not complicated. :lol:

I'd hope they'd be going through bins of rubbish with super extra poopy baby diapers and get it all over them so they'd smell like ----.:lol:

Share this post


Link to post
Share on other sites

I'd hope they'd be going through bins of rubbish with super extra poopy baby diapers and get it all over them so they'd smell like ----.:lol:

 

The wages of sin is ... ... bedbugs. :P

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×