Links on Android Authority may earn us a commission. Learn more.
Popular alternative app store Aptoide suffers major data breach
The Google Play Store is the app store of choice for the vast majority of Android users, but the open nature of Android means you can download apps from other services too. Aptoide is one of the more prominent third-party app repositories, but it’s reportedly suffered a massive security breach.
ZDNet reports (h/t: XDA-Developers) that a hacker leaked details pertaining to 20 million Aptoide users in a hacking forum. But these details are apparently part of a larger trove of 39 million records.
The outlet reports that people who registered on Aptoide or used it between July 21 2016 and January 28 2018 are affected by the hack. Leaked data includes email addresses, hashed passwords, real names, registration dates, IP addresses, device details, and dates of birth (if added).
Aptoide responds to breach
Aptoide posted an update regarding the breach on its blog, saying it was working with data center partners to figure out what happened. Furthermore, they claimed that most users probably aren’t affected as an account isn’t required to use the service. In fact, Aptoide says 97% of users didn’t create an account. But the service claims 150 million users, so that means several million users could be affected nonetheless.
The app store adds that 32 million users signed up via Facebook or Google, and that passwords for these accounts aren’t in the leaked database. It noted that 8.8 million users signed up with their email address and that these credentials were in the database, but said these passwords were encrypted. Nevertheless, they called on users to change their passwords wherever they’re used, as it’s possible for cyber-criminals to decrypt the password using brute-force attacks.
Aptoide has confirmed that it’s temporarily disabled registrations, logins, reviews, and comments until it feels user information is safe. Nevertheless, this is a big blow to the app store, coming almost a year after it lashed out at Google Play Protect for labeling it a harmful app.
It also comes as third-party app stores see more attention than ever before due to the US/Huawei issue. Huawei’s new phones aren’t allowed to offer the Play Store and other Google apps, forcing users to third-party app repositories. In fact, Huawei was reportedly in talks with Aptoide to offer an app store on Huawei devices.