Popular news aggregator stage Flipboard has uncovered that its databases containing account information of specific users have been hacked. The data that was potentially downloaded numerous times over a nine-month duration ending on April 22 incorporated clients credentials, the Palo Alto, California-based company uncovered in an email sent to all Flipboard clients. A security incident notice has additionally been published on the Flipboard website to uncover the details of the data breach. The total number of influenced clients is unsure. However, as a precautionary step, the company has reset passwords of all its around 150 million users, including the passwords that were cryptographically protected.
In an email sent to its clients, Flipboard reveals that it found that the hackers get access to a portion of its databases containing Flipboard clients information between June 2, 2018, and March 23, 2019, as well as on April 21 and April 22, 2019. “The databases included may have contained your name, Flipboard username, cryptographically ensured password, and email address,” the company said in the email.
The security incident that especially took place between April 21 and 22 was found on April 23, when Flipboard’s specialists were investigating the suspicious activity that happened on March 23. “Our engineering team became mindful of the incident after distinguishing suspicious activity in the environment where the databases live,” the company expressed in the notice on its website.
The total number of clients being affected through the data breach is dubious. In any case, Flipboard guarantees that “not all Flipboard users‘ account information was engaged in the incident” and as a precaution, everyone f the users’ passwords has been reset.
Flipboard likewise features that the vast majority of passwords that were potentially downloaded by the hackers amid the security disappointment were hashed using bcrypt. For the clients who haven’t changed their password since March 14, 2012, the company protected their passwords using SHA-1 encryption.
- iPhone/Android Can Cast Screen to TV Without Chromecast [ 5 Methods ]
- Details of the Samsung Galaxy Note 10 camera revealed by internal staff
- Changing the Google Search site ranking should lead to more relevant mobile results
Since a large number of the affected clients might have used digital tokens to log in to Flipboard using their credentials from Facebook, Google, and Twitter among different sites, Flipboard has turned all the existing digital tokens. Nevertheless, the company is as yet allowing users to get access to their Flipboard account using third-party sources such as Facebook, Google, and Twitter.
“To help prevent something like this from occurring in the future, we implemented upgraded security measures and keep to look for extra ways to strengthen the security of our systems,” the company said without revealing any particular details because of security reasons. Moreover, Flipboard mentioned that it informed law enforcement about the unauthorized get to and involved an external security firm to investigate the flaw.