Texthelp can report that no customer data has been accessed or lost. The company has examined the affected file thoroughly and can confirm that it did not redirect any data; it simply used the computers' CPUs to attempt to generate cryptocurrency. The exploit was active for a period of four hours on Sunday.
The Browsealoud service has been temporarily taken offline and the security breach has already been addressed; however, Browsealoud will remain offline until Tuesday 12:00 GMT. This is to allow time for Texthelp customers to learn about the issue and the company’s response plan.
Security researcher Scott Helme flagged the issue via Twitter yesterday, having been initially alerted by another security professional, Ian Trump. Scott Helme traced the source of the infection to an accessibility plugin, called Browsealoud, created by a UK company called Texthelp.
It is estimated that more than 4,200 sites were infected.