Avast! Security Firm's Forums Attacked Over the Weekend

If you're an AVAST customer and regularly use the support forums, you might be wondering today why the forums are offline.

Over the weekend, hackers stole user nicknames, user names, email addresses, and passwords from the security company's web-based forums. Fortunately, just the forums were successfully hacked and not the company's customer database. The forums store no payment, license, or financial information, just the necessary credentials for forum participation. AVAST is in the process of rebuilding the forums and migrating to a different software platform.

Forum software tends to be the weakest security link for many companies because so much less importance is attributed to them. A lot of times they are implemented because everyone else does it. Companies install them and expect them to maintain themselves, without having a proper community fostering plan in place, which includes managing spam, eliminating questionable links, and protecting those who choose to participate. Many companies deploy open source web forums and eventually pay the price for poorly developed and poorly maintained software.

For a firm dedicated to providing security solutions, this is a black eye.