German software developer Ashampoo Hit by Data Breach !
The Hacker News

German software developer Ashampoo has notified its customers about a data breach incident that resulted in the exposure of their names and email addresses.

According to an announcement posted on the company's website, unidentified hackers broke through its security systems and gained unauthorized access to a server.

"We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately," said Ashampoo's CEO Rolf Hilchner.

"At the same time we reported this incident to the police. Further investigations are underway. Unfortunately, the traces of the well-concealed hackers currently disperse abroad," he added.

Fortunately, the hackers did not obtain access to billing information as this data is not stored on the company's servers.

In addition to its software development business, which includes anti-malware, firewall and data encryption products, the Ashampoo Group offers a diverse range of services through subsidiaries.

Examples of these are DownloadMix, CleverReach, H&B Immobilien, CarShampoo or Ashampoo Air Services, but none of them were impacted by this incident.

Ashampoo didn't disclose how many individuals were affected by the breach, but since the company claims to have has over 13.8 million customers, their number is probably very large.

This incident is the latest in a series of security breaches that resulted in the theft of customer email lists from major companies.

At the beginning of the month, Epsilon Data Management, one of the largest email marketing services provider in the world announced that its servers were compromised by hackers who walked away with the email addresses and names of tens or hundreds of millions of consumers.

Ashampoo warns customers about targeted attacks that might result from this incident. It gives a recent example where hackers broke into the email systems of PurelyGadgets and sent fake confirmation orders in the company's name. The rogue emails distributed PDF documents rigged with an exploit.

"If you for example receive a confirmation of an order from PurelyGadgets or another company without having made an appropriate purchase there, please do not open the attachment and delete the e-mail immediately," Mr. Hilchner advises.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.