Oh boy, Flipboard was leaking user data for 9 months
Another day, another breach.
If you use the popular news aggregating service Flipboard to get your daily dose of current events, you probably should stop reading this and go change your password. That’s because of a giant security hole that Flipboard just revealed yesterday.
While the scope of this incident is pretty huge, the impact it will have on users might end up being fairly minimal.
Here’s what we know
For their part, Flipboard already had fairly good password storage practices so the breach only included some usable data. The database accessed had sensitive account details about users, such as usernames, email addresses, and encrypted passwords.
- The breaches were discovered on April 23, a day after the second hacked intrusion to the server where the database is located
- The first hack was ongoing between June 2, 2018 and March 23, 2019; with a second hack on April 21-22, 2019
- All passwords were stored encrypted, making them difficult to crack (if able to be cracked at all)
- Flipboard reset all users’ passwords as a precaution
- You’ll only get asked to change your account password when signing in to the site or app, Flipboard hasn’t automatically logged users out
Flipboard seems to have handled the issue fairly well, although unless you navigate to the Help pages, check your email regularly, or follow their Twitter, you might not know a breach has occurred. That’s because there’s no notification on the Flipboard homepage to alert users.
If you’re a Flipboard user, check your associated email inbox for a message from sender: “firstname.lastname@example.org” with the subject line: “Flipboard Security Notice.”
- Apple Pay lands on New York City’s subways and buses on May 31
- A new report says Samsung Galaxy Fold will miss its June release date
- The Echo Show 5 is Amazon’s new $90 smart display
- iRobot is back with a duo of home-cleaning robots to keep your floors clean