A hacker has leaked today the details of 20 million users of Aptoide, a third-party app store for Android applications.
The data, which was published on a well-known hacking forum, is part of a larger batch of 39 million records, which the hacker said to have obtained following a hack that took place earlier this month.
The leaked information, which ZDNet obtained a copy with the help of data breach monitoring service Under the Breach, contains information on users who registered or used the Aptoide app store app between July 21, 2016, and January 28, 2018.
Data leaked today that can be classified as “personal identifable information” includes details such as the user’s email address, hashed password, real name, sign-up date, sign-up IP address, device details, and date of birth (if provided).
Other details also include technical information such as account status, sign-up tokens, developer tokens, if the account was a super admin, or referral origin.
The leaked data, which is a PostgreSQL export file, is still available for download at the time of writing.
ZDNet has contacted Aptoide for comment and to notify the company of the leaked data, but we have not heard back before this article’s publication.
According to the official Aptoide website, the Portugal-based app store claims to have more than 150 million users worldwide.
In October 2018, Aptoide accused Google of using its Play Protect security system to secretly uninstall its app store app from users’ devices without users’ knowledge. The company claimed it lost more than 2.2 million users in 60 days.