Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

A major Keenetic router data leak could put a million households at risk

Data leak.

  • Keenetic suffered a data leak in 2023, but the hacker said the data was destroyed and not shared
  • However Cybernews researchers recently received a sample database
  • Almost a million Russian households are at risk, experts say

Information on Keenetic router users, originally stolen in March 2023 and thought to have been deleted back then, has surfaced online, potentially putting a million households at significant risk.

In a security notification published on the company’s website, Keenetic said an independent IT researcher reached out in mid-March 2023 to warn about unauthorized access to the Keenetic Mobile App database.

“After verifying the nature and credibility of the risk, we immediately resolved the issue on the afternoon of March 15th 2023,” the company said. Keenetic was then told that the data hadn’t been shared with anybody, and was subsequently destroyed. However, it now seems that wasn’t really the case, since security researchers from Cybernews were recently shown samples via an anonymous tip.

Names, emails, and plaintext passwords

Cybernews says the number of exposed records include more than a million emails, names, locales, Keycloak identity management system and Network Order IDs, and Telegram Code IDs.

Furthermore, there were 929,501 leaked records containing WiFi SSIDs and passwords in plain text, device models, serial numbers, interfaces, MAC addresses, domain names for external access, encryption keys, and much more.

Then, there were 558,371 device configuration records such as user access details, vulnerable MD-5 hashed passwords, assigned IP addresses, and expanded router settings.

Finally, comprehensive service logs containing over 53,869,785 records were also leaked, including hostnames, MAC addresses, IPs, access details, and even “owner_is_pirate” flags.

Most of the exposed users seem to be Russian-speaking (943,927), with 39,472 victims being English users, and 48,384 Turkish-language users.

After learning about the leak, Keenetic advised users who registered before March 16, 2023, to change their device user account passwords, WiFi passwords, and VPN-client passwords/pre-shared keys for PPTP/L2TP, L2TP/IPSec, IPSec Site-to-Site, SSTP.

Via Cybernews

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.