On Monday, June 20, 2022 (at about 11:30AM USA Eastern Time) I downloaded and ran Recuva. Recuva finished a deep scan at about 2PM. ONE HOUR AFTER RUNNING RECUVA, at 3PM, someone tried to hack into my PayChex.com payroll account - yes, I had my PayChex login info in one of the recovered files. Was the attempted hack a coincidence? I think not. Luckily, my PayChex.com account requires a cell phone text security code - this is how I know my PayChex.com account had an attempted had - I received a text security code.

Piriform needs to look into this.

Would you please contact our support team via the Contact Us form located here: https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 or by emailing support@ccleaner.com directly with as much detail as you can about the case?

While it seems unlikely that the two situations are directly related (Recuva does not send any of your recovered data over the internet, and we've not seen similar cases reported), this is certainly a concern and something we'd like to look into.

I'd also recommend doing a thorough virus and malware scan, preferably with portable tools not left installed on the computer for best results, as there is a possibility that something might have been on the computer already and was just triggered by this "new" file being created. (Something like the SuperAntiSpyware Portable utility listed here: https://www.howtogeek.com/howto/9283/superantispyware-portable-is-the-must-have-spyware-removal-tool-you-need/ might be a place to start - and if any of our other kind forumgoers have suggestions, I'd welcome them!)