More than 20 million accounts registered with the software marketplace application Aptoide have been reportedly exposed after a unknown actor posted stolen user data on a hacking forum.
Researchers with Under the Breach discovered the data dump and disclosed the incident via Twitter. ZDNet reported additional details the same day.
Aptoide is a blockchain-based decentralized store from which Android device users can procure and download mobile apps. There is no one centralized store, like Google Play; instead, each individual user manages his or her own store.
ZDNet said the data dump is part of a larger set of 39 million records gained via a hack that occurred earlier in April.
Affected individuals either registered or used Aptoid between July 21, 2016, and January 28, 2018. Leaked data includes names, birth dates, email addresses, hashed passwords, sign-up dates and IP addresses, device details, account statuses, sign-up tokens, developer tokens, referral origins and details on if an account belongs to a super admin.