Wednesday, December 16, 2015 [Tweets] [Favorites]

MacKeeper Exposes Data on 13 Million Customers

Juli Clover:

As shared in a reddit post, Chris Vickery (via Forbes) was able to download the records simply by entering an IP address, with no username or password required to access the data, a major security oversight on MacKeeper’s part.

MacKeeper was also using MD5 hashes for passwords, a weak algorithm that’s easily bypassed using an MD5 cracking tool.

John Gruber:

It’s bad enough they were ripping people off in the first place — now they’ve exposed their passwords.

Previously: MacKeeper.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment