Details Of 20 Million Aptoide App Store Users Leaked On Hacking Forum – Expert Insight

News broke over the weekend, detailing that the stolen records of 20 million users of a popular Android app store have been published online by a hacker who claims to have 19 million more. The data includes “personal identifiable information” including the user’s email address, real name, sign-up data and IP address, device details, and even a date of birth for millions of users. It also includes hashed passwords and some technical information.

Experts Comments

April 21, 2020
Sam Curry
Chief Security Officer
Cybereason
It all comes down to trust in the end, and most of these stores are asking for too much trust up front while delivering too little basis for that trust. The advantage to some degree in the Android ecosystem is that you can choose a different store or set of stores, which let’s marketplaces that focus on privacy and security features and value differentiate from one another. The unfortunate thing is that none seem to be doing it at this point - none are planting the security and privacy flags.....Read More
It all comes down to trust in the end, and most of these stores are asking for too much trust up front while delivering too little basis for that trust. The advantage to some degree in the Android ecosystem is that you can choose a different store or set of stores, which let’s marketplaces that focus on privacy and security features and value differentiate from one another. The unfortunate thing is that none seem to be doing it at this point - none are planting the security and privacy flags firmly and with investment. In reality, nothing is wholly secure because it is always an adaptive race against intelligent opponents, but which vendors’ products and services you buy into from mobile phone to home/work computing and from home automation to social media should be acknowledged to be a tacit trust moment as you effectively link your online identity, personas, privacy, security and to some degree safety with one vendor ecosystem or another. Moving forward, make sure you choose wisely and look to be able to vote with your feet. And if you’re a vendor: now is the time. Try it. Make the effort to lean in and to get good at vetting products more continuously, updating applications, protecting users, limiting damage when it occurs, being resilient and bouncing back, being transparent and generally becoming a security and privacy advocate rather than an apologist. You don’t have to be perfect. You just have to begin.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.