If you are committing to an anti theft software, you would think that the last thing on your mind would be the security of the information held by that company. The three-person team behind Cerberus, a popular anti theft application for Android, revealed today that a data breach caused usernames and passwords (encrypted, thankfully) to be stolen by hackers. 96,564 accounts have had their passwords reset, so this isn’t some small scale hack we’re talking here.
Cerberus goes on to inform users via their email by stating that no personal information other than what is stated above was accessed, including email addresses. They strongly noted that “These accounts have not been accessed in any way.“
Users are also told to go here to reset their passwords as soon as possible, and to verify that no unauthorized instructions were sent to your Android phone or tablet while your account was vulnerable.
Only three accounts have actually been accessed by the hackers, but if you are unfortunate enough to be one of those three, know that your activity was blocked and your password reset. As of March 26, none of the data obtained by the attacker was released publicly, that they know of.
The full email sent out to users is down below:
Our Security Team recently discovered and blocked suspicious activity on Cerberus servers. The investigation found no evidence that your account was in any way accessed or compromised.
However, the attacker(s) were able to gain access to usernames and encrypted passwords for a subset of our users. No other personal data (emails, device information, etc.) has been accessed.
While the accessed passwords are encrypted, as an extra precaution we have immediately secured these accounts invalidating the current passwords.
Please create a new password by signing into your account at www.cerberusapp.com and selecting the “Forgot password?” option, or go directly here: https://www.cerberusapp.com/forgotpwd.php . Submit the form and you will receive an email with further instructions to set your new password.
After you reset the password, you can verify that no unauthorized commands have been sent to your Android device. Open Cerberus on your device, log in and select the “View Cerberus log” option at the bottom of the app settings.
We sincerely apologize for the inconvenience of having to change your password, we take security of our users very seriously and are constantly working to improve it.
If you have any questions, please do not hesitate to contact Cerberus Support at firstname.lastname@example.org
The Cerberus Team
For more, check out their Google+ post on the matter.