MacKeeper Exposes Data on 13 Million Customers
As shared in a reddit post, Chris Vickery (via Forbes) was able to download the records simply by entering an IP address, with no username or password required to access the data, a major security oversight on MacKeeper’s part.
MacKeeper was also using MD5 hashes for passwords, a weak algorithm that’s easily bypassed using an MD5 cracking tool.
It’s bad enough they were ripping people off in the first place — now they’ve exposed their passwords.
Previously: MacKeeper.
