20 million Aptoide app store users compromised in data leak
What's the story
In a shocking development, personal data of more than 20 million users of Aptoide, a third-party store for Android applications, has been leaked online.
The details of the users were stolen in a hack carried out earlier this month and posted as part of a larger batch of 39 million records on a renowned hacking forum.
Here's all about it.
Issue
Personally identifiable information of Aptoide users shared by hacker
As first reported by ZDNet, the database posted by the hackers includes personally identifiable information of Aptoide users, including their name, email, and date of birth to sign-up date, IP address, device details, and other technical information.
The batch also had passwords, although that information was encrypted with cryptographic hashes, the outlet said after going through a copy of the data.
Risk
Plus, the information is also available for download
What makes this case even scarier is the fact that the batch of hacked information still remains available for download as a PostgreSQL export file on the hacking forum.
The information largely pertains to users who signed up on Aptoide between July 21, 2016, and January 28, 2018.
So, if you signed up during this window, your information may have been compromised.
Remark
No word from Aptoide yet
Aptoide has been informed about the breach and the information exposure but the people managing the platform have not yet commented on the matter.
The Portugal-based open-source marketplace went live all the way back in 2009 and claims to have more than 150 million users around the world - all using its apps via smartphones, tablets, smart TVs, and VR devices.
Issues
Aptoide has had issues with Google as well
Aptoide offers over 1 million apps, including many that are not available on the Google Play Store - a key USP of the service.
However, during its decade-long run, the marketplace has also had multiple encounters with Google, including a case in which it claimed that the US-based marketplace had used its Play Protect program to remove Aptoide from 2.2 million smart devices.