MacKeeper Exposes Data on 13 Million Customers - MacRumors
Skip to Content

MacKeeper Exposes Data on 13 Million Customers

by

mackeeperAnti-virus company MacKeeper is making headlines today for its lax security on a customer database that contained 13 million customer records complete with names, email addresses, usernames, password hashes, phone numbers, IP address, and system information.

As shared in a reddit post, Chris Vickery (via Forbes) was able to download the records simply by entering an IP address, with no username or password required to access the data, a major security oversight on MacKeeper's part.

MacKeeper was also using MD5 hashes for passwords, a weak algorithm that's easily bypassed using an MD5 cracking tool. As Vickery says, MacKeeper (and parent company Kromtech) "appears to have no respect for the privacy of its users' data or the integrity of their information."

Vickery did not share details on the exploit and immediately contacted Kromtech about the oversight. Using Vickery's information, Kromtech secured the database after several hours, and nobody with malicious intent was reportedly able to get ahold of customer details. With the exploit fixed, Vickery explained how he accessed the data.

Here are some details (now that it's secured): The search engine at Shodan.io had indexed their IPs as running publicly accessible MongoDB instances (as some have already guessed). I had never even heard of MacKeeper or Kromtech until last night. I just happened upon it after being bored and doing a random "port:27017" search on Shodan.

For those unfamiliar with MacKeeper, it is Mac software that purports to optimize a Mac and keep it secure from viruses and malware, tricking people into a purchase with unrealistic claims. Earlier this month, a class action lawsuit led to a $2 million settlement that will see MacKeeper providing refunds to customers who purchased the software and would like their money back.

Though MacKeeper says Vickery was the only person to access the information, MacKeeper customers should still change their passwords and passwords on sites that used the same password as the MacKeeper password.

Top Rated Comments

larrylaffer Avatar
larrylaffer
135 months ago
The part of this story that shocks me is that 13 million fell for their scam.
Score: 40 Votes (Like | Disagree)
Mac Fly (film) Avatar
Mac Fly (film)
135 months ago
It's safe to say with the amount of money MacKeeper spend on advertising on the web they must be funded by either someone high up in the online porn industry or a large criminal organisation.

I'd love to see Apple become more involved in annihilating these guys off the map. People around here are quick to call someone dumb for installing this software, but the average person doesn't have time to hang out on MacRumors. Apple need to sort these guys out once and for all.
Score: 29 Votes (Like | Disagree)
B
Brian Y
135 months ago
If any company needs to not exist, it's them.
Score: 13 Votes (Like | Disagree)
iPhysicist Avatar
iPhysicist
135 months ago
Who could have thought of this? Me! God I really hate this product.
Score: 10 Votes (Like | Disagree)
M
madcran
135 months ago
Im glad, as a Service Manager for an Apple Specialist we tell people everyday not to use this. Some people fight us on this say they love it. We try to educate them that there are free alternatives like Malwarebytes Anti-Malware for Mac and Sophos Home for Mac that do not take over your Mac and are valid companies. Actually Malwarebytes (formally Adware Medic) sees MacKeeper as malware, CAUSE IT IS!
Score: 9 Votes (Like | Disagree)
Asarien Avatar
Asarien
135 months ago
Who didn't see this coming?
Score: 9 Votes (Like | Disagree)
Read All Comments

Popular Stories

Tim Cook Rainbow

Apple CEO Tim Cook Stepping Down, John Ternus Taking Over

Monday April 20, 2026 1:33 pm PDT by
Apple CEO Tim Cook is stepping down as Apple's chief executive officer, and hardware engineering chief John Ternus is set to take over, Apple announced today. Cook will continue on as Apple CEO through the summer, with Ternus set to join Apple's Board of Directors and take over as CEO on September 1, 2026. Cook is going to transition to executive chairman, and he will "assist with certain...
Read Full Article554 comments
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching in September With These 10 New Features

Monday April 20, 2026 7:13 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article46 comments
macOS 27 on MacBook Pro

macOS 27 Will Mark the End of an Era

Saturday April 18, 2026 6:45 am PDT by
During its Platforms State of the Union segment at WWDC 2025, Apple revealed that macOS 26 Tahoe is the final major macOS version for Intel-based Macs. The upcoming macOS 27 release will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. macOS 27 should be available...
Read Full Article284 comments