The hacker responsible for breaking into U.S.-based Kaspersky Lab support website on Feb. 7 set off a wave of attacks against the antivirus vendor when details of the breach were published on a hacking community website.
The information was detailed in a report issued by database security expert David Litchfield, who conducted an analysis of the breach to determine if any sensitive files were accessed. Although customer data was exposed as a result of a coding error, Litchfield said no files were breached.
“The attacker’s claim to be able to access customer data is correct and, as is apparent from the Web server log files, the attacker did attempt to gain access to customer data however, the attempts failed,” Litchfield said in a short excerpt of the report released by Kaspersky Friday.
Follow up attempts by other attackers also failed to gain access to the customer data, Litchfield said. The exposed server, which was online for 10 days, contained thousands of customer email addresses and up to 25,000 software activation codes. The attacker notified Kaspersky in an email message sent an hour prior to the breach.
“On hearing of the threat, Kaspersky immediately took down the vulnerable Web server, preventing further and deeper breaches,” he wrote.