Software company Ashampoo breached, customer data stolen

The German computer software company Ashampoo has been targeted by attackers that managed to gain access to its customers database and possibly exfiltrated data such as names and email addresses.

“Billing information (e.g. credit card information or banking information) is definitely not affected, because our shop service contractors are concerned with this data and it is not stored on our system,” confirmed CEO Rolf Hilchner, and added that subsidiary companies of the Ashampoo group have not been affected by this incident.

“At the same time we reported this incident to the police. Further investigations are underway. Unfortunately, the traces of the well-concealed hackers currently disperse abroad,” he shared.

The message was also emailed to the company’s customers and includes a warning about possible targeted attacks that can be mounted by using the stolen information.

“Generally it is always important that you stay suspicious of unknown senders and that you do not respond to requests that tell you to open attachments,” wrote Hilchner.

Among other software, Ashampoo is also the developer of a couple of security offerings (AV solutions, firewalls, encryption software), but as much as this breach can be embarrassing for the company, they take some comfort in the fact that they are not the first firm – or the biggest ones – to have been breached lately.