21 GB Trove of MacKeeper Customer Data Leaked
31-year-old Vickery said he uncovered the 21 GB trove of MacKeeper customer data in a moment of boredom while searching for openly accessible databases on Shodan – a specialized search engine that looks for virtually anything connected to the Internet – that require no authentication.
“The search engine at Shodan.io had indexed their IPs as running publicly accessible MongoDB instances (as some have already guessed),” Vickery said in a Reddit post. “I had never even heard of MacKeeper or Kromtech until last night. I just happened upon it after being bored and doing a random “port:27017″ search on Shodan.”
- Customer Names
- Email addresses
- Password hashes
- Mobile phone numbers
- IP addresses
- System information
- Software licenses and activation codes
Security Product Using Weak Algorithm to Hash Passwords
Although the passwords were encrypted, Vickery believes that MacKeeper was using weak MD5 hashes to protect its customer passwords, allowing anyone to crack the passwords in seconds using MD5 cracking tools.
“Analysis of our data storage system shows only one individual gained access performed by the security researcher himself,” Kromtech, the maker of MacKeeper, said in a statement. “We have been in communication with Chris, and he has not shared or used the data inappropriately.”