Bitdefender is the latest antivirus vendor to be targeted by hackers, with the popular Romania-based company confirming Friday that a hacker had gained access to a server and compromised customer information.
After launching an investigation, a company spokesperson said Bitdefender discovered a hacker had exploited a vulnerability on a single server and had exposed "a very limited number of usernames and passwords." The spokesperson emphasized that hacker had not penetrated the server itself, but only exploited a vulnerability in a single public cloud application.
The issue affected roughly 1 percent of Bitdefender's SMB customers, the company spokesperson said. Enterprise and consumer customers were not affected.
According to a blog on Hacker Film, the hacker known as DetoxRansome had been attempting to blackmail the vendor on Twitter, releasing some login credentials for Bitdefender employees and asking for $15,000 in ransom to not reveal customer information. Bitdefender did not comment on the random requests.
Bitdefender said that the issue was "immediately resolved" and the company had put "additional security measures" in place. It has contacted the customers potentially affected, asking them to reset their passwords.
"Bitdefender takes security of its customers very seriously and any issue that might involve the security of our customers or the security of our servers is treated with the utmost urgency and seriousness," a Bitdefender spokesperson said in an email.
Partners of Bitdefender, who did not want to be identified, said the company had not reached out to them directly about the hack, but they had received notifications yesterday for some end users to reset their passwords for security purposes.
Despite the hack, partners said they were not concerned about the viability of the Bitdefender solution.
"I've had a good track record with Bitdefender. They're usually the ones that find a lot of the hackers and the antivirus engine is really one of the best that’s out there," one partner said.
This event is just the latest of an increasing number of hackers targeting the security vendors themselves, experts said.