Third-party app store Aptoide just suffered a massive hack as details of 20 million users turn up online

By Michael Allison
published

Google Pixel 3a
Google Pixel 3a (Image credit: Harish Jonnalagadda / Android Central)

What you need to know

  • Third-party Android apps store Aptoide has been hacked and details of over 20 million users leaked.
  • Details included real names, email addresses, date of birth, etc.
  • No passwords were leaked with Aptoide claiming that all passwords were encrypted and reports noting that the leaked passwords were all hashed.

A notable third-party Android app store, Aptoide, has just been hacked, and details of 20 million users have been leaked. As reported by ZDNet, the details included in the leak included things like email addresses, names, device details, date of birth, etc.

The full hack is larger in scope and said to include 39 million records with information belonging to users who used Aptoide between July 21, 2016, and January 28, 2018.

Aptoide notified users on the hack via blog post:

It has come to our knowledge that the Aptoide database may have been a victim of a hacking attack and a possible database breach.Our team is evaluating the threat and, if confirmed, taking measures to correct it. Meanwhile, we would like to rest you assure that all user passwords were encrypted.Besides your email address used for login and encrypted password, no Aptoide user's personal data is in the database. Aptoide users were never requested for physical addresses, credit card information, telephone numbers, or other personal data.Meanwhile, we closed the sign up at the Aptoide site until a full audit is conducted, and we have further information.Soon, it will be required for you to introduce a new password for security measures. If your credentials in Aptoide are shared with other sites, it is a good policy for you to change it in the other sites as well.

When it comes to security breaches, it's often not a matter of if but when a breach will happen. That's why its best for users to take risk mitigation measures like password managers and for companies to take their own measures like encrypting passwords.

Do you use Aptoide instead of or in addition to the Play Store? Let us know if you're affected by the breach in the comments below.

Best Password Managers for Android in 2020

Michael Allison
Michael Allison
1 Comment
  • I use Aptoide occasionally and this breach is a little disconcerting.