Connect with us

News

Oh boy, Flipboard was leaking user data for 9 months

Another day, another breach.

flipboard screenshots
Image: Flipboard

If you use the popular news aggregating service Flipboard to get your daily dose of current events, you probably should stop reading this and go change your password. That’s because of a giant security hole that Flipboard just revealed yesterday.

While the scope of this incident is pretty huge, the impact it will have on users might end up being fairly minimal.

Here’s what we know

For their part, Flipboard already had fairly good password storage practices so the breach only included some usable data. The database accessed had sensitive account details about users, such as usernames, email addresses, and encrypted passwords.

  • The breaches were discovered on April 23, a day after the second hacked intrusion to the server where the database is located
  • The first hack was ongoing between June 2, 2018 and March 23, 2019; with a second hack on April 21-22, 2019
  • All passwords were stored encrypted, making them difficult to crack (if able to be cracked at all)
  • Flipboard reset all users’ passwords as a precaution
  • You’ll only get asked to change your account password when signing in to the site or app, Flipboard hasn’t automatically logged users out

Flipboard seems to have handled the issue fairly well, although unless you navigate to the Help pages, check your email regularly, or follow their Twitter, you might not know a breach has occurred. That’s because there’s no notification on the Flipboard homepage to alert users.

If you’re a Flipboard user, check your associated email inbox for a message from sender: “security-notification@flipboard.com” with the subject line: “Flipboard Security Notice.”

What do you think? Do you use Flipboard? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in News