1. Website Planet
  2. >
  3. News
  4. >
  5. CCleaner Confirmed Its Data Was Stolen in MOVEit Data Breach
CCleaner Confirmed Its Data Was Stolen in MOVEit Data Breach

CCleaner Confirmed Its Data Was Stolen in MOVEit Data Breach

Ivana Shteriova November 24, 2023
November 24, 2023
Optimization app CCleaner confirmed hackers stole heaps of personal user data in a breach back in May, affecting 2% of its paid customers. Hackers compromised names, phone numbers and email addresses, billing addresses, and purchase histories.

CCleaner’s parent company, Gen Digital, which also owns Avast, Avira, and Norton LifeLock, sent an email to customers explaining that hackers took advantage of a vulnerability in the MOVEit tool. CCleaner uses this file transfer software to move files containing sensitive info. The company didn’t explain why it took months to disclose the breach and notify the affected users.

While Gen Digital didn’t disclose the exact number of affected CCleaner users, the company claims that a combined 65 million paid customers rely on its services, which includes millions of CCleaner users. Judging by these numbers, the 2% of CCleaner users affected translates into a pretty significant number.

As a reference, the MOVEit breach affected over 2,500 organizations and 66 million individuals. The exact number is reportedly far higher. Analysis has shown that US-based organizations are most affected, accounting for 77.8% of known victims, followed by Canada with 14.2%, Germany with 1.4%, and the UK with 0.8%.

The notorious ransomware gang Cl0p took responsibility for the mass-hacking incident and published the stolen data to a dark “data leak site” known as “CL0P^_- LEAKS.” This type of ransomware has been around since 2019, possibly linked to FIN11, a cybercrime group connected to Russia and Ukraine, believed to be part of a massive cybercrime network known as TA505.

This is not the first time that Gen Digital’s data has fallen into the wrong hands. On August 14, the company admitted that the MOVEit incident affected its subsidiary Norton LifeLock. More precisely, hackers stole its employees’ personal information. In 2017, CCleaner suffered a data breach by malware planted in its software, affecting two million of its users. Hackers focused on tech and telecom giants during this attack.

Research has shown that 2023 is a record year for data breaches, with the MOVEit incident topping the chart by number of victims affected. While it’s hard to calculate the exact cost, researchers found that the approximate financial damage of the MOVEit data breach is  $11,083,859,985. CCleaner hasn’t disclosed the financial impact of the breach on its budget.

Rate this Article
4.0 Voted by 2 users
You already voted! Undo
This field is required Maximal length of comment is equal 80000 chars Minimal length of comment is equal 10 chars
Any comments?
View %s replies
View %s reply
More news
Show more
We check all user comments within 48 hours to make sure they are from real people like you. We're glad you found this article useful - we would appreciate it if you let more people know about it.
Popup final window
Share this blog post with friends and co-workers right now:

We check all comments within 48 hours to make sure they're from real users like you. In the meantime, you can share your comment with others to let more people know what you think.

Once a month you will receive interesting, insightful tips, tricks, and advice to improve your website performance and reach your digital marketing goals!

So happy you liked it!

Share it with your friends!