Flipboard today emailed Flipboard users to let them know about a security breach that saw usernames, email addresses, and protected passwords accessed by hackers.
Between June 2, 2018 and April 22, 2019, there was "unauthorized access" to Flipboard databases that leaked account information. Flipboard says the hackers "potentially obtained copies" of some databases, and has not yet shared details on how many accounts were compromised.
Databases included Flipboard usernames, names, email addresses, and passwords, but the passwords were salted and hashed, which means they weren't stored in plaintext and would be difficult to crack.
Also included were digital tokens used to connect Flipboard to third party services like Twitter or Facebook, if users had indeed connected their Flipboard accounts to their social media networks.
Flipboard is resetting all user passwords and replacing or deleting all digital tokens. If you connected Flipboard to Facebook or Twitter, you will need to reconnect your accounts.
Flipboard says that to prevent something like this from happening again, it has implemented "enhanced security measures." Law enforcement officials have also been notified.
The company recommends that users who use the same username and password for Flipboard that they use for other accounts change their passwords for other services as a precautionary measure.
Top Rated Comments
Factor in third party libraries with their own vulnerabilities, software vulnerabilities, hardware vulnerabilities, and human weaknesses to phishing and the like and the job is even harder.
After having dealt with various security stuff over the years, working with third parties in software scanning, pen testers, etc. I’ve realized that the odds are stacked perpetually against any company. There are more hackers out there with agendas, resources, and cleverness than there are people available to defend against them in every corporation. It’s the blessing and curse of the internet all at once.