Social sharing site Flipboard has ordered to reset millions of user passwords after hackers repeatedly gained access to their system during the past nine-months.
The company made a public announcement on Tuesday where they confirmed the occurrence of hacks. According to Flipboard, the data breach took place between June 2, 2018, and March 23, 2019, while the second one was on April 21 – 22, 2019. However, the security breach was detected a day later – on April 23.
The hackers were not able to compromise ‘all’ Flipboard user accounts but did manage to get away with plenty of usernames, email addresses, passwords, and account tokens for third-party services. When inquired, the company refused to admit the number of victimized users.
Currently, Flipboard boasts around 150 million monthly users.
In their notice, Flipboard says that even though passwords were unreadable, the hackers scrambled it using the older, weak hashing SHA-1 algorithm. The passwords, after they are scrambled are much stronger and difficult to reveal in order to reuse.
The hackers also got hold of user’s account tokens that are used by Flipboard to access data from accounts on other services such as Facebook, Google, and Samsung. However, the company claims that they have not yet found any evidence of unauthorized party accessing the third-party services. Nevertheless, they have replaced or deleted all the digital tokens linked to Flipboard.
Flipboard is the latest tech giant to come under the hacker's attack in recent months. Developer platform Stack Overflow confirmed that they were targeted earlier this month. Canva, one of the most notable graphic creation platform confirmed a similar breach where they reported data of around 140 million users to be stolen.
Read next: Thousands of Users’ Private Information Exposed by Another Flaw in Instagram
The company made a public announcement on Tuesday where they confirmed the occurrence of hacks. According to Flipboard, the data breach took place between June 2, 2018, and March 23, 2019, while the second one was on April 21 – 22, 2019. However, the security breach was detected a day later – on April 23.
The hackers were not able to compromise ‘all’ Flipboard user accounts but did manage to get away with plenty of usernames, email addresses, passwords, and account tokens for third-party services. When inquired, the company refused to admit the number of victimized users.
Currently, Flipboard boasts around 150 million monthly users.
In their notice, Flipboard says that even though passwords were unreadable, the hackers scrambled it using the older, weak hashing SHA-1 algorithm. The passwords, after they are scrambled are much stronger and difficult to reveal in order to reuse.
The hackers also got hold of user’s account tokens that are used by Flipboard to access data from accounts on other services such as Facebook, Google, and Samsung. However, the company claims that they have not yet found any evidence of unauthorized party accessing the third-party services. Nevertheless, they have replaced or deleted all the digital tokens linked to Flipboard.
Flipboard is the latest tech giant to come under the hacker's attack in recent months. Developer platform Stack Overflow confirmed that they were targeted earlier this month. Canva, one of the most notable graphic creation platform confirmed a similar breach where they reported data of around 140 million users to be stolen.
Read next: Thousands of Users’ Private Information Exposed by Another Flaw in Instagram