Flipboard has confirmed they have fallen victim to hackers with information pertaining to millions of users having being stolen. What should be more worrisome is that the information leak lasted for around nine months, from June 2, 2018, and March 23, 2019. The hackers are believed to have got unauthorised access again from April 21 and 22, 2019.
Among the information that the hackers managed to decamp which include the user’s names and their email addresses along with the user name and password used to login to Flipboard. The company, however, said the password they stored were cryptographically encrypted, which means another layer of security of the passwords. It’s not known if that prevented the hackers from having user decipherable password though the same can’t be ruled out entirely.
The news aggregator site, however, didn’t confirm the precise number of users who have been affected though the number could easily be in millions. Flipboard is used by around 150 million users every month. The company also said no other information such as credit card info, social security number and so on have been stolen since the app does not store such information.
Flipboard however has said they employed weaker hashing algorithms till March 14, 2012. That happens to be a liability for passwords created prior to that date and hence have much weaker encryption that can be deciphered easily compared to more recent passwords. The company though is yet to ascertain exactly how many users might have been affected by the breach but has confirmed it’s only a subset of its users whose details have been leaked.
Flipboard also said the usual precautionary measures have already been adopted. That includes making it mandatory for all users, irrespective of them being hacked or not, to change their password right away. Further, digital token that was used to login to third-party account has also been either replaced or deleted.
Cybersecurity experts too have been roped in to find out the exact cause of the hack, as well as to plug all loopholes to prevent a recurrence of the same anytime in future.