Earlier this week, Flipboard, a popular news platform revealed that its database which contained the account information of the users was hacked. The company also revealed that the data was downloaded several times during the last 9 months. The data which was downloaded by the hackers contained the user information and user credentials. The company has also sent emails to all its users revealing the matter. The official Flipboard website has also posted a security incident notice which reveals the details about the data breach. Flipboard has around 150 million users but it remains unknown about the number of users who were affected with the attack. Taking a precautionary measure, the platform reset the passwords of all its users, the reset includes the passwords which were protected cryptographically.
According to the email sent by Flipboard to its users revealing the details, the hackers had gained access to some of its database which contained account information between June 2, 2018 and March 23, 2019 and April 21 to April 22, 2019. The email further reveals that the database contained the user’s name, password and email address. The hacker attack was discovered on April 23, 2019 by the Flipboard engineers.
Flipboard on its website stated, “Our engineering team became aware of the incident after identifying suspicious activity in the environment where the databases reside.”
The company has also assured that not all the users were affected from this attack but as a precaution it has reset all the passwords of the users. And as mentioned above, the number of users who suffered the attack remain unknown. The company also revealed that the hackers had downloaded a large amount of user’s passwords during the security failure using bcrypt. But for the users who haven’t changed their passwords since March 14, 2012, the company has protected their passwords using the SHA-1 encryption. The company has also informed the law enforcement about the hack and unauthorised access, and involved an external security firm to investigate the flaw and look further into the matter.
Flipboard said, “To help prevent something like this from happening in the future, we implemented enhanced security measures and continue to look for additional ways to strengthen the security of our systems.”
Flipboard rotated all the existing digital tokens which the users who used third party application credentials like Facebook, Google or Twitter to log in. But the users can still use the apps to log in to Flipboard.
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.