If you use your Kromtech account password on any other online accounts, go change those as well. On the upside, he did not manage to find any leaked credit card data, according to a comment on Reddit.įor customers of Kromtech – including, but probably not limited to, purchasers of MacKeeper – this means that it’s time to change passwords. Shown clearly is a “users” table with more than 13 million records, and entirely accessible without the need for any kind of password.Īmong the data found there, according to Vickery, were names, e-mail addresses, phone numbers, computer serial numbers, license codes, and, worst of all, usernames and very weakly hashed passwords (meaning that a determined hacker could extract passwords from the hashes given time). He posted his findings on Reddit, also providing a screenshot of the structure of the database, while trying to get in touch with Kromtech to report the issue. ![]() ![]() ![]() ![]() Vickery found the Kromtech server while searching for open MongoDB servers. Kromtech, the developer of MacKeeper, has suffered a major breach that has exposed more than 13 million users’ data.Ĭhris Vickery, a security researcher who has uncovered a number of similar data breaches in the past, found that a Kromtech database full of sensitive data was accessible over the internet… without any login required.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |