Kromtech, the developer of MacKeeper, has suffered a major breach that has exposed more than 13 million users’ data.
Chris Vickery, a security researcher who has uncovered a number of similar data breaches in the past, found that a Kromtech database full of sensitive data was accessible over the internet… without any login required.
Vickery found the Kromtech server while searching for open MongoDB servers. He posted his findings on Reddit, also providing a screenshot of the structure of the database, while trying to get in touch with Kromtech to report the issue.
Shown clearly is a “users” table with more than 13 million records, and entirely accessible without the need for any kind of password.
Among the data found there, according to Vickery, were names, e-mail addresses, phone numbers, computer serial numbers, license codes, and, worst of all, usernames and very weakly hashed passwords (meaning that a determined hacker could extract passwords from the hashes given time).
On the upside, he did not manage to find any leaked credit card data, according to a comment on Reddit.
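The root cause described above is a MongoDB instance listening on the internet with authorization turned off. As an added example (not code from the article or from Kromtech), here is a small audit of a parsed `mongod.conf` that flags exactly those two settings; it takes the dict that `yaml.safe_load` would return for the config file, and the two sample configurations are constructed for illustration.

```python
"""Audit a parsed mongod.conf for the two controls whose absence leaves a
database readable by anyone who can reach the port: authentication and
network exposure. Constructed example; pass the dict from yaml.safe_load()."""
from typing import Any

LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def _get(cfg: dict, path: str, default: Any = None) -> Any:
    """Walk a dotted key path such as 'security.authorization'."""
    node: Any = cfg
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return default
        node = node[key]
    return node


def audit_mongod_config(cfg: dict) -> list[str]:
    """Return findings; an empty list means auth is on and only loopback is bound."""
    findings: list[str] = []
    # Authentication: anything other than 'enabled' (including the key being
    # absent, which is the default) means no login is needed to read every collection.
    if _get(cfg, "security.authorization") != "enabled":
        findings.append("security.authorization is not 'enabled': no login required")
    # Network exposure: bindIpAll, 0.0.0.0 / ::, or any non-loopback address
    # makes the listener reachable from other hosts, so network ACLs must apply.
    bind_ip = _get(cfg, "net.bindIp")
    if _get(cfg, "net.bindIpAll") is True:
        findings.append("net.bindIpAll is true: listener exposed on every interface")
    elif bind_ip is None:
        # Conservative assumption: treat an unset bindIp as 'all interfaces',
        # which is what older mongod releases did by default.
        findings.append("net.bindIp unset: assumed all interfaces; set it explicitly")
    else:
        addrs = {a.strip() for a in str(bind_ip).split(",")}
        public = sorted(addrs - LOOPBACK)
        if public:
            findings.append(f"net.bindIp reaches beyond loopback {public}: verify firewall/VPN")
    return findings


# Constructed configs: one that produces an open database, one hardened.
OPEN_CONFIG = {"net": {"port": 27017, "bindIp": "0.0.0.0"},
               "storage": {"dbPath": "/var/lib/mongo"}}
HARDENED_CONFIG = {"net": {"port": 27017, "bindIp": "127.0.0.1"},
                   "security": {"authorization": "enabled"}}

if __name__ == "__main__":
    for name, cfg in (("open", OPEN_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_mongod_config(cfg) or ["ok"])
```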
For customers of Kromtech – including, but probably not limited to, purchasers of MacKeeper – this means that it’s time to change passwords. If you use your Kromtech account password on any other online accounts, go change those as well.
I’d also advise shutting down any Kromtech accounts you have, as well as uninstalling any Kromtech software – particularly MacKeeper – from your hard drive. This is just the latest in a long line of incidents involving Kromtech and MacKeeper’s former owner, ZeoBIT, including accusations of fraud, a successful class-action lawsuit ruling against ZeoBIT, and even a case of malware being installed through a MacKeeper vulnerability.
So, if you have MacKeeper installed, do yourself a favor and remove it. Unfortunately, if you have purchased MacKeeper, the deadline has passed for joining the class-action lawsuit to receive your share of the settlement.
However, if you purchased it recently, you should hopefully still be able to get a refund from Kromtech.