A security company has been forced to apologise to its users after its software was compromised by malicious hackers.

The company behind CCleaner, Piriform, told users that it had identified suspicious activity within a version of its software earlier this month, and found that it had been illegally modified before its release to the public. This modified version was available to users for around a month, however, to Piriform’s knowledge, it was able to disarm the security threat before it was able to do any harm.

CCleaner is used by millions of people around the world to remove junk and clear space on their PCs, Macs and Android devices. Piriform says it currently investigating how the software version became compromised, and is taking steps to make sure it never happens again.

“We found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process,” said Paul Yung, VP for products at Piriform. “We also immediately contacted law enforcement units and worked with them on resolving the issue… Let me say that the threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm.”