Enlarge Image

It’s getting harder to keep that computer secure.
Sharon Vaknin/CNET
Have you ever had those days where you just want to shout, “You had one job!”
The latest company to earn the rebuke is the Netherlands-based antivirus software maker AVG, whose “Web tuneup” add-on for the Google Chrome browser promised to protect you from surfing to unsafe sites on the Internet. It turns out that software also exposed your browsing history and other personal data to any would-be hacker who knew how to grab it.
The problem has been fixed, but it’s unclear how many of the 9 million people who use the software might have had their information stolen.
AVG confirmed the flaw and said it created a quick fix. “As soon as we were highlighted to it, our first and foremost priority was to get a fix to market,” said Tony Anscombe a senior security evangelist at AVG. He added AVG’s core antivirus software wasn’t affected and that the company is reviewing its processes to ensure its software is safe.
The episode underscores the frustration many people feel about computer security. You think you’re doing all the right stuff, keeping all your software up to date and installing antivirus protection. AVG, a computer security company, offers this software promising to help keep you safe while surfing the Web. You should be able to trust them, right?

It’s not the first time this has happened. Other security companies, such as antivirus maker Kaspersky, have also been hacked in the past year.
This is also an expensive mistake. Verizon Enterprise Solutions estimated that 700 million compromised records from companies around the world led to losses of $400 million last year. That’s based on surveys of 70 companies, so the actual figure is likely much higher.
For its part, AVG appears to have fixed the issue within a couple days of it being written about by a Google security researcher, sending the software update just before Christmas. Hopefully that helped them avoid getting coal in their stockings.

Leave a Reply