Leaving your important files intact...or all of your personal information accessible to pretty much anyone online. So, why is Chris Vickery's name all over the internet today? Well the researcher might just have saved some Mac users from further data leakage. Yep, Mr. Vickery discovered just how easy it was to access the personal information of over 13 million MacKeeper users. Names, email addresses, phone numbers, user names and password hashes were left wide open and accessible just by going to a MongoDB database. Software licenses, activation codes and IP addresses were all visible with the use of a simple search tool. The good news is that payment information was not compromised, but the company has now been exposed for bush league coding, which doesn't bode well with a supposed anti-virus protector.
Mr. Vickery discovered just how easy it was to access the personal information of over 13 million MacKeeper users.
Vickery reached out to the owner of MacKeeper, Kromtech, but didn't receive a response until he posted about the issue on Reddit. He was easily able to access the information with just four simple IP addresses and discovered that MacKeeper has actually still been using a very outdated and easy to crack "hashing" algorithm. The company acknowledged the use of the MD5 algorithm but stated that it was in the process of upgrading to another more current algorithm, SHA512. Quite frankly, this is the last kind of publicity that MacKeeper needs since its reputation is already questionable amongst Apple users and spyware spotters.
MacKeeper is supposed to be anti-virus software that once installed on your computer, "cleans" the Mac of junk files and problems. Unfortunately the utility software suite has come under fire and been the subject of lawsuits due to alleged false advertising. So, does it really protect your Mac? Opinions are pretty much split right down the middle, but we know that no one is happy when their personal information is leaked. MacKeeper released a statement via Twitter this morning to calm customers nerves.
Our customer's privacy is our top priority and we immediately took proactive steps to identify and fix the issue: https://t.co/X9hwvZZSvK— MacKeeper (@MacKeeper) December 15, 2015
...How reassuring. With news of leaks and privacy concerns becoming more common every day, should we really be worried? Maybe, if you're one of the people who is already gullable enough to use MacKeeper in the first place. Steps to uninstall the program can be found in this Macworld article if you're having second thoughts now.
Cool Ad Here