Keenetic suffered a data leak in 2023, but the hacker said the data was destroyed and not sharedHowever Cybernews researchers recently received a sample databaseAlmost a million Russian households are at risk, experts say
Information on Keenetic router users, originally stolen in March 2023 and thought to have been deleted back then, has surfaced online, potentially putting a million households at significant risk.
In a security notification published on the company’s website, Keenetic said an independent IT researcher reached out in mid-March 2023 to warn about unauthorized access to the Keenetic Mobile App database.
“After verifying the nature and credibility of the risk, we immediately resolved the issue on the afternoon of March 15th 2023,” the company said. Keenetic was then told that the data hadn’t been shared with anybody, and was subsequently destroyed. However, it now seems that wasn’t really the case, since security researchers from Cybernews were recently shown samples via an anonymous tip.
Monitor your credit score with TransUnion starting at $29.95/month
TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You’ll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.
Preferred partner (What does this mean?)View Deal
Names, emails, and plaintext passwords
Cybernews says the number of exposed records include more than a million emails, names, locales, Keycloak identity management system and Network Order IDs, and Telegram Code IDs.
Furthermore, there were 929,501 leaked records containing WiFi SSIDs and passwords in plain text, device models, serial numbers, interfaces, MAC addresses, domain names for external access, encryption keys, and much more.
Then, there were 558,371 device configuration records such as user access details, vulnerable MD-5 hashed passwords, assigned IP addresses, and expanded router settings.
Finally, comprehensive service logs containing over 53,869,785 records were also leaked, including hostnames, MAC addresses, IPs, access details, and even “owner_is_pirate” flags.
Most of the exposed users seem to be Russian-speaking (943,927), with 39,472 victims being English users, and 48,384 Turkish-language users.
After learning about the leak, Keenetic advised users who registered before March 16, 2023, to change their device user account passwords, WiFi passwords, and VPN-client passwords/pre-shared keys for PPTP/L2TP, L2TP/IPSec, IPSec Site-to-Site, SSTP.
Via Cybernews
You might also like
US government warns Medusa ransomware has hit hundreds of critical infrastructure targetsWe’ve rounded up the best password managersTake a look at our guide to the best authenticator app