Personally identifiable information of 20 million people has been leaked online following the Aptoide security breach. Aptoide is one of the most used and third-largest open source app marketplaces for Android. A hacker has leaked information on a hacker forum and it includes details like Email, Password (hashed), device details, IP address, name, date of birth of users who have installed and used the app in between July 21, 2016, to January 28, 2018.
As per the report from ZDNet, this leak is a part of a larger batch of almost 39 million records and the hack took place earlier this month. Apart from this user information other technical information like sign up tokens, developer tokens, account status, if the account was a super admin or referral login, etc are also leaked with the breach.
The PostgreSQL export file, which is the leaked data, is still available on the forum to download at the time of writing, stated ZDNet.
In case you are unaware, Aptoid is claimed to be the third-largest Android app market place for Android smartphones and tablets. Tons of that are not available in the Google Play Store are available in Aptoide, and it is one of the reasons why Aptoide got a huge userbase. As per the company they have about 250 million users all around the globe with a total of 7 billion downloads overall. Earlier there was an incident where Google Play Protect automatically uninstalled Aptoide from users device without their permission, following which the company lost about 2.2 million users in just 60 days.
ZDNet contact Aptoide regarding the security breach and they are yet to respond to it. Anyways, if you have been an Aptoide user for the given time frame, make sure you update your passwords on Aptoide as well as related services using the same Email and Password combination to be on the safer side.