During August, CCleaner v5.33 (Cloud v1.07) was made available to the public containing malicious code, which sent sensitive information to a server based in the USA (216.126.X.X). This server was eventually shut down alongside US law enforcement by the 15th September, a month later. This official announcement was made on the 18th September 2017, which stated "The compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters)". More technical information regarding this breach and was released by Paul Yang, available at: http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
As we have just learned, the information sent to this server over that period of time will likely have included more sensitive information, and would recommend changing passwords if you have ever used this this version of CCleaner on your devices. For more intelligent authentication systems, such as Google may already be aware of unusual activity on their accounts, and may see:
The IP address stated here, 18.104.22.168 resolves to r-219-63-62-5.ff.avast.com. Either somebody is going through great pains to implicate Avast, or the malicious code was added by Avast own team. Is it not coincidental that Avast also acquired CCleaner just a month before?
I'll leave you decide. However, in addition to changing passwords, you probably safer to keep CCleaner removed from your systems until Avast/Piriform have actually resolved this problem, as the last official word from them is "we dont want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it. The investigation is still ongoing.". Therefore, although the original malicious code was fixed, the same thing could easily happen again.