Spotify, security firm Avast report hacks that spill user data

The list of companies suffering security breaches that spill users' password data or other personal information grew by at least two this week with disclosures from security firm Avast and music subscription service Spotify.

Prague-based Avast said its user support forum was hacked over the weekend. Attackers got access to cryptographically hashed passwords, usernames, and e-mail addresses for about 400,000 people who had accounts on the service, which was hosted on a third-party software platform. Credit card data, license numbers, and other personal information belonging to Avast customers at large were unaffected. The forum will remain offline for the time being, while the service is rebuilt and moved to a different platform.

"We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you," Avast CEO Vince Steckler wrote in an advisory posted Monday. "However, this is an isolated third-party system and your sensitive data remains secure."

Read 3 remaining paragraphs | Comments