A hacker has leaked the data of 20 million Aptoide users on a notorious hacking forum. According to ZDNet, the leak is part of a larger data dump of 39 million records, which the hacker claimed to have obtained following a hack that took place earlier this month.
The leaked information includes a host of personally-identifiable information, including e-mail ID, hashed password, name, IP address, device details and even date of birth of users who used the Aptoide app between July 21, 2016, and January 28, 2018.
As if that wasn’t enough, the leaked data, which is believed to be still available for download as a PostgreSQL file, also includes technical information like account status, sign-up tokens, developer tokens, referral origin and even information on whether the account belongs to a super admin.
Aptoide, in case you don’t know it already, is an open spource Android marketplace that includes many apps and games not found on the Google Play Store. Believed to be the largest third-party Android app store outside China with more than 1 million apps on its platform, the company claims to have 250 million users globally and 7 billion downloads.
The company has had multiple run-ins with Google over the years, including a memorable one in October 2018, when it accused the US tech giant of illegally removing the official Aptoide app from users’ devices without their consent, resulting in the loss of 2.2 million users within just 60 days.
As for the data leak, Aptoide is yet to comment on the issue, but it will be interesting to see what it does about what it does to secure its users going forward. In the meantime, Aptoide users will do well to change their login credentials to prevent anything untoward.