Malwarebytes — a software company dedicated to protecting users from malware, viruses and other malicious programs that can hurt their computers — fell victim to the very thing they try and protect against. In November, 2014, the Malwarebytes message board was the focus a hack that stole usernames, passwords, dates of birth and other pieces of information from the forum’s members.
The CEO of Malwarebytes, Marcin Kleczynski, reassured users that their information could not be accessed from the message board itself. In fact, Marcin claims that the hackers were able to breach an off-site server that contained the valuable information of message board users without attacking the website itself. This tactic of storing user-data away from the source server(s) is common within the security realm and is often the go-to standard of protecting client details.
Once word of the hack reached the owners of Malwarebytes, the security team forced all members of the forum to reset their existing password. This change would ensure that the members would remain protected moving into the future of the message board. Although many speculate that the hackers may still have access to the servers, this reset acts as a buffer for potential attacks in the future.
This hack should ring an alarm of notice to the rest of the software world in terms of protection and security. Even technology giants, like that of Malwarebytes, are still susceptible to malicious hacks and security breaches with relative ease. By taking software security more seriously, companies ensure that their business will thrive in the future and protect their valued customers.