Aptoide Database Breach Exposes 20 Million User Accounts

0

In today’s world, website hacks are nothing new where hackers manipulate the database of the website and expose some information or sell them. This time, the same incident happened with the Aptoide app store where some personal information and zero payment details were exposed including login credentials.

For those who don’t know what Aptoide is, it is one of the largest independent app stores in the world with a reported 150 million users. Aptoide allows developers to build their own app stores that function as part of a larger registry.

The new of Aptoide database breach first came on April 17 through the Under the Breach Twitter account. According to the report, over 39 million accounts were copied out of which 20 million accounts were exposed in a public forum as a proof. These exposed accounts include personal records such as email addresses, SHA-1 hashed passwords, names, birthdays, account status, and the IP and user agent from the last logins. In the case of super admin accounts, the record also includes the login and developer tokens.

Later on, Aptoide itself wrote on a blog post that over 49 million user accounts could have been accessed. However, the company notes that out of these 49 million accounts, 32 million accounts belonging to OAuth logins using Google and Facebook accounts, so no passwords are associated with those accounts. Passwords for all remaining accounts were hashed with SHA-1, which is no longer considered a secure hashing algorithm.

Aptoide also mentioned that very few accounts are likely to have names or birthdays on record, and there’s no payment information or other vulnerable data. So, for most of the Aptoide users, only the email addresses and a hashed password are leaked. As from the company, no vulnerable information has been leaked in this hack. 

As of now, the company is working with its data center to figure out how this hack occurred. For security purposes, Aptoide has also temporarily disabled all account-based activity, including sign-ups, logins, and leaving reviews or comments.

For the latest tech news and updates, Install TechCodex App and follow us on Google NewsFacebook, and Twitter. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.

Get real time updates directly on you device, subscribe now.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More