MacKeeper, the anti-virus software for Macs, accidentally exposed the details of over 13 million users, according to a researcher.
The details included names, phone numbers, passwords, user names, and more and were discovered by security researcher Chris Vickery who alerted the company which makes MacKeeper. (MacKeeper, however, insists that no personal details were leaked and claims the information was encrypted.)
Vickery says he wasn’t looking for the information and stumbled across it.
MacKeeper offers multiple security products for Apple Mac computers. The software, which is available as a download, comes with a free trial, followed by a subscription that starts at £5.95/month ($9.99) and goes all the way up to £14.95/month ($21.99).
However, many users claim that the software doesn’t work as advertised. In many cases, customers say security threats are exaggerated or not detected at all. MacKeeper says it has a refund rate between 1.5% and 2%, however.
The company has faced multiple lawsuits over the way its software works.
In January 2014, a set of plaintiffs from Illinois said that “neither the free trial nor the full registered versions of MacKeeper performed any credible diagnostic testing,” which would invalidate one of the key claims of the software. The lawsuit was not successful, though, and MacKeeper called it a “frivolous lawsuit” in an email to Business Insider.
In May 2015, original MacKeeper developer Zeobit lost a $2 million (£1.3 million) lawsuit filed in Pennsylvania that claimed the company exaggerated security concerns on the Mac, forcing users into buying a full licence for the software. The company agreed to set up a reimbursement fund for those who felt cheated by the software’s claims but admitted no wrongdoing.
Zeobit has filed two lawsuits against people who spoke negatively about MacKeeper, claiming defamation. The first was filed in 2013 against the developer of ClearMyMac, a rival Mac cleaning client, and alleged that the company had created fake profiles, leaving unfavourable reviews. It was eventually settled out of court.
The second case was about a YouTube video that described MacKeeper as a “scam.”
Both cases were thrown out as Zeobit could not claim the defendants had damaged its reputation. The product has since been sold to Kromtech Alliance, another IT company, and Zeobit is no longer involved in maintaining the product.
Pushy advertising practices
The company buys 60 million ad impressions per month, making it the heaviest advertiser to Mac users, according to PC World. The adverts include pop-ups, affiliates, and paid-for reviews that appear across the web. (For reference, there are between 80 and 100 million Mac users in total.)
The company (or people paid by Zeobit) has also created websites that promote favourable reviews, according to Apple blog The Mac Feed. MacKeeper denies creating the websites, and says that claims that it does come from one of its competitors.
One of the top results for the search “MacKeeper” is a thread on Apple’s forums titled “Do not install MacKeeper.” The thread, which links to advice on how to uninstall the software, has been viewed almost 70,000 times. Again, MacKeeper disputes the accuracy of the forum threads here, and claims that negative coverage of its service on Apple’s website were planted by a competitor.
Other options are available
The leak is just the latest in a long line of mistakes from a company that should protect your Mac. Uninstalling MacKeeper — or, even better, not installing it in the first place — is the best option.
Macs can get clogged up with malware and viruses and keeping your machine clean is important.
Here are some alternatives:
Business Insider reached out to Zeobit, which declined to comment.