Popular anti-virus firm and computer security agency BitDefender has become the victim of a highly embarrassing data hack.

Apparently, hackers took away a “very limited” number of usernames and passwords of the firm’s customers and are now threatening to make the data public if the required ransom is not paid.

However, BitDefender refused to give in to the hackers’ demands and currently the company is collaborating with law enforcement to sort out this issue.

Around 250 BitDefender customer usernames and passwords have been exposed by the hackers already to prove the legitimacy of their claim. According to the criminals, the hacked data was stored in an unencrypted state at the Amazon Elastic Web Cloud. It is, however, clear that less than 1 percent of accounts have been compromised.

BitDefender’s spokesperson explained:

“THE ISSUE WAS IMMEDIATELY RESOLVED AND ADDITIONAL SECURITY MEASURES WERE PUT IN PLACE IN ORDER TO PREVENT IT FROM REOCCURRING. AS AN EXTRA PRECAUTION, A PASSWORD RESET NOTICE WAS SENT TO ALL POTENTIALLY AFFECTED CUSTOMERS. OUR INVESTIGATION REVEALED NO OTHER SERVER OR SERVICES WERE IMPACTED.”

It is heartening that the scope of this hack is rather limited, but the fact that a company that is purely dedicated to securing our computers and creating anti-viruses has been hacked too is scary in itself.

BitDefender customers must change their account passwords immediately.

This is not the first time when a hotshot IT security company has faced a breach. In past, Kaspersky had its servers hacked by government-backed hackers not for the money but for the purpose of surveillance. Hackers used stolen Foxconn certs’ to Hack Kaspersky Via Duqu 2.0 Malware.

Hacking Team, an Italian based government spyware and surveillance service provider was also hacked by unknown hackers and the motive behind the hack was to expose the firm’s business dealings with governments around the world.

Such breaches show no one is secure from hackers even those who claim to provide security from hackers.