Aptoide

In April 2020 the independent Android app store Aptoide suffered a significant security breach. A hacker published a database containing personal information of approximately 20 million users on a popular hacking forum. The breach was part of a larger set of 39 million records obtained through an unauthorized access to the platform systems. The exposed data included sensitive technical details and user credentials stored as unsalted SHA-1 hashes which are considered cryptographically weak and susceptible to cracking. This incident highlighted vulnerabilities in third party mobile application ecosystems and posed risks of credential stuffing attacks for affected users globally.