Ashampoo warns of security breach
Software company Ashampoo has been forced to issue a warning to customers after one of its servers was hacked. While no financial or credit-card information was taken, Ashampoo is keen to stress this information was not held on this server, hackers are believed to have obtained names and email addresses.
Ashampoo is warning that affected customers could be targeted by emails containing malware payloads, such as a bogus order confirmation email containing an attachment or link to a spoofed website. As the company says in its statement, "It is always important that you stay suspicious of unknown senders and that you do not respond to requests that tell you to open attachments."
More: "If you for example receive a confirmation of an order from PurelyGadgets or another company without having made an appropriate purchase there, please do not open the attachment and delete the e-mail immediately." In an update: "According to the latest findings and in contrast to previously announced by PureleyGadets on Facebook, the servers of PurelyGadgets were not compromised, but the company name has been used for sending fictitious confirmations of orders."
For people who think that may be infected: "Using the following links you can find out whether your antivirus software can find and remove the malicious code that is currently sent: VirusTotal PDF 1; VirusTotal PDF 2."
To its credit, despite the embarrassment caused, Ashampoo doesn't shy away from taking ownership of the issue. Its statement concludes, "We would like to apologize again for any inconveniences in connection with this issue.
"If you have further questions concerning this issue, our email support at [email protected] is on hand with help and advice for you. Inquiries in this context will be handled with the highest priority." The statement can be read in full at Ashampoo's website.
Get more security news like this at Software Crew.