Security breaches have become a mainstay of technology these days, which is why it’s always a good idea to change your password. Now another company has admitted that hackers have breached its servers. The news aggregator Flipboard is advising users to change their passwords right away. The Flipboard data breach occurred for much of last year and most of this year so far.
Details on the Flipboard data breach
The news aggregator is sending emails to users affected by the breach. Hackers have apparently gained access to some of the company’s databases. The Flipboard data breach exposed some users’ names, usernames, “cryptographically protected” passwords and email addresses, according to the email the company sent to users.
Users who connected their Flipboard account to their social media accounts or other types of accounts should also check their connected accounts. The Flipboard data breach may have also included the digital tokens which were used to connect to those third-party accounts. The company added that it has found no evidence that the hacker accessed any connected third-party accounts, but it has deleted or replaced all digital tokens. Flipboard also emphasized that it never asks for or stores Social Security Numbers, ID numbers or payment or financial information, so no data like that was accessed.
The Flipboard data breach occurred during two periods: between June 2, 2019 and March 23, 2019 and April 21-22, 2019.
Here’s what they are doing about it
The news aggregator has already reset all users’ passwords, although it said the passwords were “cryptographically protected,” and not all users’ accounts were exposed. Flipboard uses what’s known as “salted hashing” to protect users’ passwords, so it never stores the passwords in plain text. The company said it would be difficult for hackers to break the passwords because of the technique they use.
Flipboard will continue to work on devices that are logged in, but when logging in the next time, users will be told to change their passwords. Flipboard also informed law enforcement about the data breach, has enhanced its security measures and is looking for more ways to improve its security.
The company also published a security notice about the incident on its website.