Affiliate links on Android Authority may earn us a commission.Learn more.
PSA: Your GearBest email address and password might have leaked online (Updated)
June 29, 2025
Update (12/22):We reported yesterday on the news thatGearBestmay have been subject to a hack, and today, the company has responded with the following statement:
So,GearBestsuggests that the information may not have leaked from its site, but rather, that the email address and passwords leaked from another source were the same as ones used byGearBestcustomers.This is plausible: I’m sure lots of people use the same email and password across multiple websites, risky as it is. Still, it may have highlighted a weakness inGearBest‘s security systems — and indeed its customer relations efforts — if it has taken a person Googling their own email address to expose this. I’ve reached out once more toGearBeston this matter and will update this page with any response.
Previous coverage (12/21):Popular online retailerGearBestmay have been the subject of a recent hack, judging by thecomments currently seen onReddit. Apparently, the email, password and purchase information of around 150 supposedGearBestusers has turned up online in a Pastebin file.
This was discovered by Redditor jamesdownwell after he Googled his personal email address (something he said he sometimes does as a “random security check”) last week.
jamesdownwell says he wrote about this in r/GearBestRedditthread — which he says was removed without explanation — and has since commented elsewhere, like r/Android where we discovered it. He alsopublished an email conversationhe is alleged to have had with a support representative regarding the matter which started on December 15. Though the representative appears to acknowledge the seriousness of the matter,GearBesthasn’t made a public announcement regarding this, and the details are still available online via a cached page.
It’s currently being speculated that a vulnerability in the GearBest app has been exploited to retrieve the user information.
We aren’t going to republish that information here, for obvious reasons, but several people have commented testifying to the list’s authenticity. One person says they’ve been able tolog into more than 20 accountswith some of the details found there, while another says an item was bought through their accountwithout their knowledge.
What’s more, Android fansiteTutto Androidclaims to have already been in communication withGearBest, who has apparently acknowledged the situation and is now said to be investigating it.
We’ve contactedGearBestregarding the matter through several channels but have yet to receive a response; we’ll update this page as soon as we do. In the meantime, it might be worth changing your ownGearBestpassword just to be on the safe side.
Thank you for being part of our community. Read ourComment Policybefore posting.
