Data Breach at Cerberus

Tuesday, April 1, 2014 @ 11:04 AM gHale


Cerberus anti-theft Android app users got warnings from the Cerberus Security Team, urging them to change their password because it was hit with a data breach.

The warnings, sent out in an email, said company officials noted suspicious activity on Cerberus servers and blocked it. Users’ accounts did not suffer any kinds of compromise, officials said.

RELATED STORIES
SCADA Risks Up, Budgets Tight: SANS
Security Awareness: A Matter of Safety
Security Pros Fret Attacks, not NSA
Talk to Me: Elevating Security Awareness

“However, the attacker(s) were able to gain access to usernames and encrypted passwords for a subset of our users. No other personal data (emails, device information, etc.) has been accessed,” officials said. “While the accessed passwords are encrypted, as an extra precaution we have immediately secured these accounts invalidating the current passwords.”

Cerberus officials issued a statement containing more details about the breach:

“The database was not accessed, passwords are hashed and uniquely salted multiple times there, and we will migrate to bcrypt soon,” they said. “The attacker was able to access a legacy log file that contained usernames and SHA-1 hashes of passwords, that was generated by the app logins between March 1 and March 21.”

The team deleted the log file, stopped the legacy logging procedure, invalidated the passwords for the accounts present into the log and notified the users involved.

Only 3 accounts have been accessed (and notified of this), but they have reset the password for 96,564 accounts just in case. “As of March 26, none of the data obtained by the attacker was released publicly, that we know of,” they said.

The three-people-team behind the app also confirmed they are working closely with law enforcement.



Leave a Reply

You must be logged in to post a comment.