Information Systems Integration – Tony Messina

CCleaner acts fast, transparent amidst cyber attack

More than two million people downloaded a malicious update for the free PC-cleaning software CCleaner. While the software has been downloaded over two billion times, the corrupted files only affected 32-bit and cloud versions of the update. The update was released on August 18th; the problem went undetected for four weeks and was resolved within three days thereafter. As soon as the issue was resolved, Vince Steckler, CEO of CCleaner, released a statement detailing the timeline of events and the actions taken by the company to protect customers and eliminate the risk. In light of the massive data breach Equifax suffered, it was critical for CCleaner to act fast and be transparent with their customers about the situation.

This is yet another example of how critical data security is becoming in today’s world, where cyber attacks are the new frontier.

Story: http://www.wired.co.uk/article/ccleaner-windows-free-malware-hack-update
CCleaner Response: https://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident

2 Responses to CCleaner acts fast, transparent amidst cyber attack

  • As somebody who has been using CCleaner on all of my PCs and laptops for years now, news of this hack had me panicking. I immediately scrambled to find out more details about the hack and was relieved to discover that it was for a version of the software that I didn’t have.

    Although I believe that comparing the scale and impact of the Equifax data breach and CCleaner’s malware is comparing apples to oranges, I feel that the real comparison is how executives handled the situation. As you said, transparency and a fast response were the highest priority for Vince Steckler.

    I think one of the key takeaways from the Avast blog was that they dispelled many rumors or misleading press coverage, some of which I read and believed. Avast & Piriform moved quickly to address the number of threatened users (initially 2.27M) and reduced that number to 730K within only a few days with the quickfix patch.

    Even with the updated blog (on Sept 20th), they remained transparent with their findings and even claimed that some of their initial hypotheses or estimations were incorrect. Overall, I think there is a lot to be learned from the way Piriform handled this threat before it became a full-fledged crisis.

  • I had CCleaner on an old laptop, it's like that software you use once, and it almost, barely works. It's funny how even a well handled breach ruins customer trust, I probably won't use CCleaner again.
