Emsisoft Malware Warning: 16 Million German Users at Risk
On January 21, 2014 the German Federal Office for Information Security (BSI) announced a data breach affecting 16 million German Internet users. The information stolen is a massive collection of email addresses used as usernames and their respective passwords. As yet, it is unclear what these log-in credentials provide access to, however it is known that about half of the email addresses stolen are linked to German .de domains. A large portion are also connected to French .coms.
The data breach surfaced while the BSI was conducting research on botnets throughout Germany. To date, the identities of those behind the attack has not been publicly confirmed.
What is known is that the stolen credentials could provide identity thieves access to any number of user accounts, including social networking sites, Amazon, or even online banking. BSI spokesman, Tim Griese, therefore recommends that anyone who thinks they may have been affected by the breach change all of their passwords immediately and scan their computer for malware. He didn’t say anything about Emsisoft, but the good news is that we can help you with both.
To find out if your email address has been compromised, you can submit it to this website and the German Federal Office for Information Security will check if it is among the 16 million on its list. In the meantime, we recommend that you change your password just for good measure by following one of the methods discussed in our recent blog post on password security.
As for Griese’s recommendation to check your computer for malware, anyone running Emsisoft already has. In fact, if you’re running Emsisoft the odds are about 99.9% that your computer wasn’t infected by this botnet in the first place. Attacks like these happen more often than you would think, and so we’ve designed our software to operate unobtrusively in the background of your computer and prevent such attacks before they can occur.
As for that other .1%, well, maybe it’s time you changed that password to something a little more effective than 123456.