The Security Detail

Apr 22 2011   10:21PM GMT

Ashampoo Customer Data Compromised by Hackers

Tony Bradley Tony Bradley Profile: Tony Bradley

Ashampoo–a German software vendor–is the latest to fall victim to a breach of customer data resulting from hackers. An announcement on the Ashampoo site explains, “Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately.”

Troy Gill, security analyst with AppRiver, provided some expert insight on the breach. “Since it does not appear that any credit card or financial information was taken, the risk here is that these individuals will be targeted going forward.”

Gill notes that the real threat, just as in the recent exposure of customer email addresses from Epsilon, is that the contact information, combined with the known relationship with Ashampoo, will enable attackers to create much more convincing precision phishing attacks

Anup Ghosh, founder and chief scientist at Invincea has a more ominous take on the matter. Ghosh says that the string of data breaches and the general information security news over the past year or so should alarm everyone from Wall Street to Main Street. 

Ghosh explains that the end user, rather than a PC operating system or vulnerable software, has become the primary target for attackers, and is the real root of the problem. “The adversary targets the user because they know that regardless of all the patches applied to technology, one cannot apply a patch to Layer 8–the human brain. Attachments will always be opened if they look to be coming from a reliable source; curiosity has always and will always kill the cat.”

Ghosh suggests that security needs to adopt a new model that seeks to protect the entire PC environment from the actions of the user rather than focusing on identifying and patching vulnerabilities.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: