20 million Aptoide app store user’s data leaked
Hackers claim to have data of 39 million Aptoide app store users.
20 million of those were leaked today.
Aptoid says 97% of Aptoide users have never signed up and so their data is not revealed.
The Google Play Store may be the official Android app store but that doesn't mean it is the only one. There are a number of app stores available for Android where users can get access to a bunch of apps. One of the most popular Android app stores is the Aptoide app store. It is popular on a lot of budget Android TVs in India as well. If you have registered with the Aptoid app store service, then there is some bad news for you. According to ZDNet, 20 million Aptoide app store users' data has been leaked on a hacking forum. The hackers claim to have information about 39 million Aptoide users. According to the source, the hackers have information on users who registered or used the Aptoide app store app between July 21, 2016, and January 28, 2018.
The hackers of the Aptoide app store have access to user information like email address, hashed password, real name, sign-up date, sign-up IP address, device details, and date of birth (if provided). ZDNet goes on to say, “Other details also include technical information such as account status, sign-up tokens, developer tokens, if the account was a super admin, or referral origin.”
Aptoide has released a statement in relation to the leaked data. The app store says that 97% of Aptoide users have never signed up. So their data is safe. 32 million Aptoide users have signed in via their Gmail or Facebook account. For them, their password was not a part of the database. Aptoid claims to have 150 million users.
The Aptoide statement reads, “Since you are not required to create an account at Aptoide to use it, 97% of Aptoide users have never signed up. In that case, you are not impacted at all. There is no information on the databases for the users that didn't sign up. In case you are in the 3% of the users that have created an account to make a comment or a review, your email address will be in the database, as well as the IP and user agent of the last login. The table has a birthday field and name but was not filled out when you signed up through the Android application. Only if you signed up through the web site to access dashboards. If you are one of the 8.8M users that signed up using your email address, your password is kept encrypted using the SHA-1 cypher in the database. Although the attack on SHA-1 is possible, it takes a long time to do it in a pure brute force attack. However, you should not consider your password secure. If you used a dictionary word or an easy password, your password may be reversed. If you use a shared password with other sites, you should change the password in those sites as well”. You can read Aptoide’s complete statement in a Q&A format here.
If you have entered your credit card information or phone number, then worry not. Aptoide says they never stored any credit card, payment information, social security, or phone numbers in the database. If you would like to remove your account from the Aptoid App store, you can do so by sending an email to support@aptoide.com.
Sameer Mitha
Sameer Mitha lives for gaming and technology is his muse. When he isn’t busy playing with gadgets or video games he delves into the world of fantasy novels. View Full Profile