Technology
Flipboard reveals data breach, which left users details exposed
Flipboard is the latest company to fall foul of a data breach.
The news aggregation app announced in a post that it had identified unauthorized access of some of its internal systems, which contained some Flipboard users’ account information and credentials.
For more than nine months, the unauthorized person had access to Flipboard’s systems, potentially able to obtain copies of databases which hosted users’ information.
It’s unclear yet how many users were affected by the breach, but an investigation commissioned by the company revealed there was unauthorised access between June 2018 and April 2019.
Passwords reset, most are secure
While the information on these databases included their name, Flipboard username, and email address, the passwords were cryptographically protected with an algorithm called bcrypt.
The algorithm adds a unique, random set of characters called a salt, on top of the usual hashing of the password, in which it is scrambled to make it difficult to figure out. This makes the passwords very tough to crack, requiring significant computing power to do so.
Passwords which were set before Mar. 14, 2012 were hashed and salted with an algorithm called SHA-1, a once-widely used function now long obsolete in the realm of internet security.
Flipboard said all user passwords have been reset in light of the breach, despite only some users being affected by the incident.
No third-party accounts accessed
The company also said its internal database contained digital tokens. These allowed Flipboard and a third-party to connect, for example when a user links their Flipboard account to social media platforms like Facebook or Twitter.
This allowed users to see content from these third-party accounts (i.e. making your Facebook News Feed readable on Flipboard), as well as comment on or share articles. The company said it had not seen unauthorized access to third-party accounts.
“We have not found any evidence the unauthorized person accessed third-party account(s) connected to users’ Flipboard accounts. As a precaution, we have replaced or deleted all digital tokens,” the post read.
“Importantly, we do not collect from users, and this incident did not involve Social Security numbers or other government-issued IDs, bank account, credit card, or other financial information.”
Flipboard said it has already notified law enforcement of the incident, which it discovered on Apr. 23.
For users, they’ll be prompted to change your password next time at login, and some will be prompted to reconnect to third-party services which were previously linked to Flipboard.
‘Spellbound’ review: Netflix’s animated adventure finds its magic right at the end
2024 Black Friday ads: Greatest deals from Target, Greatest Buy, Walmart, Kohls, and more
Greatest Amazon Black Friday deals: Early savings on Fire TVs, robot vacuums, and MacBooks
A24 is selling chocolate now. But what would their films actually taste like?
New teen video-viewing guidelines: What you should know
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
How to watch ‘Smile 2’ at home: When is it streaming?
Black Friday 2024: The greatest early deals in Australia – live now
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
Earth’s mini moon could be a chunk of the big moon, scientists say
‘Venom: The Last Dance’ review: Half a great, stupid movie
‘Here’ review: Robert Zemeckis, Tom Hanks, and Robin Wright reunite
The 34 greatest Australian horror films (and where to watch them)
Menendez brothers case reignites online: The questions that keep resurfacing
How to watch the 2024-2025 NBA season without cable: The greatest streaming deals
Election 2024: The truth about voting machine security
Halloween 2024: Weekend debates, obscure memes, and a legacy of racism
‘Only Murders in the Building’ Season 4 ending explained: Who killed Sazz and why?
‘Dragon Age: The Veilguard’ review: BioWare made a good game again
‘Wallace and Gromit: Vengeance Most Fowl’ review: A delightful romp with an anti-AI streak
‘Spellbound’ review: Netflix’s animated adventure finds its magic right at the end
2024 Black Friday ads: Greatest deals from Target, Greatest Buy, Walmart, Kohls, and more
Greatest Amazon Black Friday deals: Early savings on Fire TVs, robot vacuums, and MacBooks
A24 is selling chocolate now. But what would their films actually taste like?
New teen video-viewing guidelines: What you should know
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
How to watch ‘Smile 2’ at home: When is it streaming?
Black Friday 2024: The greatest early deals in Australia – live now
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
Earth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment6 days agoEarth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment6 days agoThe space station is leaking. Why it hasn’t imperiled the mission.
-
Entertainment5 days ago‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days agoBlack Friday 2024: The greatest early deals in Australia – live now
-
Entertainment3 days agoHow to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment3 days ago‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment2 days agoA24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days agoNew teen video-viewing guidelines: What you should know
