Skip to main content
  1. Home
  2. Computing
  3. News

Database of 13 million MacKeeper users easily accessed online

Add as a preferred source on Google

Mac anti-virus software firm MacKeeper may not be so secure itself. Data on 13 million of its users, including email addresses, phone numbers, and hashed passwords, was found to be easily accessible online, according to one security researcher.

Chris Vickery discovered the database online by searching for open databases on the computer search engine Shodan. First, he discovered four IP addresses that led him to a MongoDB database, and he ultimately found the MacKeeper data featuring users’ IP addresses, software licenses, and activation codes along with the hashed passwords, names, numbers, and email addresses.

Recommended Videos

It is actually quite common to find open MongoDB databases online. However it remains unclear how long the MacKeeper database was left open. According to Brian Krebs, MacKeeper said its database was left open for about a week due to a server misconfiguration, but Vickery points out that the database he found was last dated around the middle of November.

Most strikingly, the passwords in the database were protected only with the hashing algorithm MD5, which has been decried in the past by its own creator as subpar and no longer secure. There are even MD5 cracking tools available online, which are not hard to find. MacKeeper told Forbes that it is currently updating to the SHA512 hashing algorithm.

Vickery claims that he was unable to reach Kromtech, the company behind MacKeeper, to alert it of the flaws, so he took to Reddit to make his discovery public in the hope of catching the company’s attention.

Kromtech has since responded to Vickery and thanked him for his disclosure. The firm said the vulnerability has now been patched and it will be carrying out an internal review.

“We fixed this error within hours of the discovery. Analysis of our data storage system shows only one individual gained access … the security researcher himself,” said Kromtech. “We have been in communication with Chris and he has not shared or used the data inappropriately.”

So it appears that Vickery is the only person that was aware of this potential leak of customer data, and no malicious actor gained access to the database.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
How to install macOS 27 Golden Gate public beta on your Mac?
From a smarter Siri to a more reliable Spotlight, here's your full walkthrough for installing macOS 27 Golden Gate's public beta today.
macOS 27 Golden Gate

Along with iOS 27’s public beta, Apple has also released macOS 27 Golden Gate’s public beta build, so that early adopters can get their hands on the new features, including Siri AI, and provide timely feedback to help ensure a stable iOS launch in September. 

If you’re sold on all the new features but don’t want to put your faithful MacBook through developer beta duty, a public beta offers a much more refined experience. To install macOS 27’s public beta, follow the steps given below. 

Read more
Microsoft is finally fixing the worst thing about Windows Search, but you can’t try it just yet
Windows Insiders in the Experimental channel are getting a Search experience that finally feels less of a billboard and more of what users actually need.
Page, Text, Person

Windows Search has been a mess for years, and I do not use that word lightly. Open it to find a file, and you get trending Bing topics, Microsoft Store promotions, and an AI tools tile that just opens a browser. 

That is changing, but not immediately for all users. Microsoft is rolling out a batch of Windows Search improvements to Insiders in the Experimental channel, and for once, this isn't just a fresh coat of paint.

Read more
Apple doesn’t want to share this AirPods feature with Meta, but the EU may force its hand
Spring 2027, EU only, built under DMA pressure.
The front of the Ray-Ban Meta smartglasses.

I’ve been an AirPods user for the last four years, and one of the things that makes it genuinely hard to leave behind is the seamless, almost magical pairing experience across devices. Open an AirPods case near your iPhone, and a pop-up appears within seconds. Switch to your Mac and the audio follows. 

However, the experience is limited only to Apple devices. Doesn’t matter whether you have one of the coolest pieces of tech on the market right now; if it’s not Apple, it won’t get the same treatment. However, that might change for the Meta Quest or the Ray-Ban Meta glasses, thanks to pressure from the EU. 

Read more