CCleaner hit by data breach that saw customer data stolen, blames MOVEit hack

(Image credit: Shutterstock / ozrimoz)

Popular optimization tool CCleaner has confirmed its services have been hit by a data breach, seemingly caused by the MOVEit data theft fiasco.

Its parent compan Gen Digital sent an email to its customers warning that threat actors exploited the MOVEit flaw to steal sensitive data from CCleaner, TechCrunch reported.

In the email, the company said the hackers took people’s names, contact information, and information about the products they had purchased. The company’s spokesperson, Jess Monney, added that phone numbers, email addresses, and billing addresses were stolen as well, which is plenty of data to run identity theft or phishing attacks.

Thousands of victims

When asked about the number of users affected, Monney allegedly avoided a direct answer, instead saying that less than two percent of users were affected. Even Gen Digital doesn’t say how many users pay for the CCleaner program, instead only saying it has 65 million paid customers across its cybersecurity portfolio.

Cl0p, the threat actor behind the attack, is apparently yet to list CCleaner on its data leak site.

The MOVEit managed file transfer fiasco was uncovered in May 2023, when the alleged Russia-tied group exploited a vulnerability to access data belonging to thousands of businesses using the program.

While at first it was thought that some 120 businesses were affected, newer estimates claim more than 2,000 victims, with more than 65 million people having their data stolen. Cl0p is now in the process of analyzing and indexing the data, and demanding payment in exchange for keeping the data private.

Some analysts believe Cl0p can make millions on this hack without too much work for the hackers.

The news means parent company Gen Digital now has two brands that were affected by MOVEit issues after Norton LifeLock, which disclosed falling victim to Cl0p in mid-August 2023.

CCleaner is a utility software used to clean unwanted and invalid files from a Windows computer. It’s considered one of the oldest utility software out there, as it launched almost two decades ago.

More from TechRadar Pro

The US government is officially investigating the MOVEit vulnerability
Here's a list of the best firewalls today
These are the best malware removal tools around

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.