But even though the passwords were hashed, it could be possible for thief to derive many of the passwords. So Avasts suggests users to change their passwords immediately.
According to Vince Steckler, CEO AVAST Software, the issue affects only Avast's community-support forum, and less than 0.2% of its 200 million users were affected. No payment, license, or financial systems or other data was compromised.
Avast is in the works of rebuilding the forum and moving it to a different software platform.