Chevron icon It indicates an expandable section or menu, or sometimes previous / next navigation options. HOMEPAGE

An antivirus app has exposed the personal details of 13 million Mac users

Tim Cook
Apple CEO Tim Cook during an Apple event in San Francisco in 2013. REUTERS/Robert Galbraith

MacKeeper, an antivirus tool for Apple Mac users, has leaked the details of over 13 million users, according to researcher Chris Vickery.

Advertisement

The flaw has since been addressed.

Vickery uncovered four IP addresses associated with MongoDB database, containing name, products orders and user credentials such as product specific usernames, password hashes.

Beyond this error, Vickery also found that the passwords MacKeeper stored were not secure. Passwords are protected by a "hashing" algorithm that takes the plain text — e.g., "password1234" — and turns it into something only a computer can read. MacKeeper was using an outdated, and easily crackable, algorithm, according to Vickery.

The MacKeeper team wrote a blog post detailing the steps it took to address the issue.

Advertisement

"Analysis of our data storage system shows only one individual gained access performed by the security researcher himself," the team wrote. "We have been in communication with Chris and he has not shared or used the data inappropriately."

This is all good news, but the fact that the company — which deals in security — left such a large amount of data available to anyone is worrying.

Business Insider received the following comment from MacKeeper:

Kromtech is aware of a potential vulnerability in access to our data storage system and we are grateful to the security researcher Chris Vickery who identified this issue without disclosing any technical details for public use. We fixed this error within hours of the discovery.

Advertisement

The company went on to reassure users that credit- and debit-card information was processed by a third-party and was never at risk. "We will continue to take every possible step to protect the data of our customers from the evolving cyberthreats that companies both large and small face on a daily basis," it said.

Apple Mac
Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.

Jump to

  1. Main content
  2. Search
  3. Account