Another day with another data breach notification and this time popular news aggregator service Flipboard is the latest victim. Its seen that Flipboard has started notifying its users about the security incident which it discovered recently.
In the security advisory Flipboard mentioned that hackers had accessed its some of the databases that contain Flipboard users account details including their passwords. The databases that hackers include users name and password which was hashed using Bcrypt and SHA-1. Flipboard said,
Furthermore, Flipboard says if users have connected or logged in via their social media then hackers may have digital tokens of the respective accounts from the accessed database. But not to worry, the company has already replaced all digital tokens that customers used to connect Flipboard with third-party services like Facebook, Twitter, and Google.
According to Flipboard, hackers had access to its internal systems for almost nine months, first between June 2, 2018, and March 23, 2019, and then for a second time between April 21 and April 22, 2019.
In the security advisory Flipboard mentioned that hackers had accessed its some of the databases that contain Flipboard users account details including their passwords. The databases that hackers include users name and password which was hashed using Bcrypt and SHA-1. Flipboard said,
If You created or changed your password after March 14, 2012, it is hashed with the function called bcrypt. If you have not changed your password since then, it is uniquely salted and hashed with SHA-1.Flipboard had not disclosed how many users were affected but it does say that not all Flipboard users were impacted. For security concerns, Flipboard is now resetting all user's passwords, even if users are affected or not.
Furthermore, Flipboard says if users have connected or logged in via their social media then hackers may have digital tokens of the respective accounts from the accessed database. But not to worry, the company has already replaced all digital tokens that customers used to connect Flipboard with third-party services like Facebook, Twitter, and Google.
This incident did not involve, Social Security numbers or other government issued IDs, bank account, credit card or other financial information.
According to Flipboard, hackers had access to its internal systems for almost nine months, first between June 2, 2018, and March 23, 2019, and then for a second time between April 21 and April 22, 2019.