MacKeeper is under some hacker fire this week. Kromtech, the company that develops software that works to make Mac computers more stable and secure, is reporting a “potential vulnerability” in its data storage system. That potential vulnerability reportedly exposed the personal data of 13 million people.
Kromtech could not immediately be reached for comment. But here’s what we know: Security researcher Chris Vickery identified this issue privately to Kromtech before the company announced the breach. In a statement, Kromtech said it fixed the error within hours of Vickery’s report. The company said only one individual gained access to the data storage system. But one set of eyeballs on the data could do a lot of damage.
“Our customer's private information and data protection is our highest priority. All customer credit card and payment information is processed by a third-party merchant and was never at risk,” the company said in a statement. “Billing information is not transmitted or stored on any of our servers.”
Kromtech is doing everything it can to paint a picture of safety and security. The firm stressed that it does not collect any of its customers’ sensitive personal information.
“The only customer information we retain are name, products ordered, license information, public IP address and their user credentials such as product specific usernames, password hashes for the customer's Web admin account where they can manage subscriptions, support, and product licenses,” the company said.
In the wake of the breach, Kromtech is vowing to take “every possible step” to protect customer data from “evolving cyber threats” that are making headlines almost weekly. Customer security is a top priority, the firm said, noting it took “several proactive steps to identify and correct the issue.”
An end-to-end internal review to determine the scope of the hack was one step, adding an additional layer of security was another. Kromtech also said it will keep investing in cybersecurity technologies to keep customers safe.
It Was Too Easy
We caught up with Kunal Rupani, principal product manager at enterprise secure file sharing and collaboration firm Accellion, to help us put the breach into perspective. In terms of sheer numbers, there have been bigger breaches than what happened at MacKeeper, but there's more to it than that, he told us.
“The significance of this incident lies in how easy it was for the hacker to access the customer data,” Rupani said. “Entering the MongoDB database via four IP addresses, which didn’t require a username or password to access, leaves you to wonder just how many of these ‘open doorways’ exist on the Web just waiting for a curious hacker to discover.”
To make matters worse, MacKeeper used the notoriously unreliable MD5 algorithm to encrypt the passwords stored on their database, Rupani said.
“The industry has all but done away with MD5 due to serious security flaws, and this breach is a stark reminder that there are always vendors who are slow to adopt more secure processes and technologies,” Rupani said. “It’s great to hear MacKeeper is in the process of upgrading to SHA512, but this may be a case of too little, too late.”
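The upgrade Rupani mentions is the part a defender has to get right: for stored passwords, unsalted MD5 and unsalted SHA512 share the same weakness (identical passwords produce identical hashes, and each guess costs one cheap hash), so the fix is a salted, iterated construction rather than a faster digest. The Python below is an added example, not Kromtech's or Accellion's code, and its record format is hypothetical; it stores new passwords with PBKDF2-HMAC-SHA512 and transparently rehashes a legacy MD5 record the next time that user logs in successfully.

```python
import hashlib
import hmac
import os

# Hypothetical record formats (not Kromtech's):
#   legacy:  "md5$<hex digest>"                       (unsalted, fast)
#   current: "pbkdf2_sha512$<iters>$<salt hex>$<dk hex>"  (salted, slow)
PBKDF2_ITERATIONS = 600_000  # tune so one check costs ~100 ms on your hardware


def legacy_md5_record(password: str) -> str:
    """Build a record in the weak legacy format (used only to exercise the migration)."""
    return "md5$" + hashlib.md5(password.encode()).hexdigest()


def new_record(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, iterated PBKDF2-HMAC-SHA512; a fresh salt per record."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    return f"pbkdf2_sha512${iterations}${salt.hex()}${dk.hex()}"


def verify(record: str, password: str) -> bool:
    """Check a password against either record format in constant time."""
    scheme, _, rest = record.partition("$")
    if scheme == "md5":
        expected = hashlib.md5(password.encode()).hexdigest()
        return hmac.compare_digest(expected, rest)
    if scheme == "pbkdf2_sha512":
        iters, salt_hex, dk_hex = rest.split("$")
        dk = hashlib.pbkdf2_hmac("sha512", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(dk.hex(), dk_hex)
    raise ValueError(f"unknown record scheme: {scheme}")


def verify_and_upgrade(record: str, password: str) -> tuple[bool, str]:
    """Verify at login; on success with a legacy record, return a rehashed
    record for the caller to store so the MD5 copy can be retired."""
    if not verify(record, password):
        return False, record
    if record.startswith("md5$"):
        return True, new_record(password)
    return True, record
```

Because the upgrade only happens on a successful login, records for dormant accounts stay in the legacy format and should be expired or force-reset separately.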