Posted on May 30, 2019 at 7:07 AM
Flipboard Confirms to have been Hacked Twice and Exposed User Data
The company based in Palo Alto, California named Flipboard in 2010 has rapidly gained popularity and gathered over 150 million monthly users. Yet, it seems that its good reputation is about to be affected after the online magazine platform has admitted having been hacked twice which has led to the exposure of it user’s data. Flipboard warns its users that the data have most likely been stolen by the hackers, so the company was forced to reset its entire user database’s passwords to provide their users with security after the data breach.
When did the hacks happen?
First of all, the company wanted to ensure its users that there is nothing they should worry about regarding the data breach as the platform does not gather any other user data apart from name and username. Thus, Flipboard states that the damages of the hacks were limited and cannot result in any more worrying events.
The engineering team of Flipboard reported having identified the first hack which targeted the company on 23rd of April this year. The unauthorized activity has been identified within the platform’s system since 21st of April and the team has claimed that the results of the hack could be copies made by the hacker of information such as user database from the time frame of 2nd of June 2018 to 23rd of March 2019.
Yet, it seems that there have been attempts for hacking earlier before than 23rd of April as the team has originally identified suspicious and unauthorized activity on March 23, 2019. The company has been asked to determine whether the situation actually implies two separate breaches instead of the single one they have confirmed on 23rd of April but Flipboard did not initially respond to the question.
What data has been exposed and stolen?
As the hacks occurred, the company has confirmed that the data breach has exposed information regarding user names, email addresses, and passwords. The platform had to take greater initiatives in protecting their user database so Flipboard has initiated a complete password reset on the platform for each of its users thus, each user will be required to set up a new password when they log into the platform again.
Third party accounts may have been affected too
Another severe measure that the company had to take after the data breach was to replace all of the digital tokens that are normally created when users log into its platform via a third party application. Digital tokens appear as a result of the connection made by the logging in the process to establish a unique connection between the social media accounts of the users of the platform and their accounts on Flipboard.
Flipboard claims that the unauthorized activity within the service may have occurred through a third-party account that was linked to the Flipboard account. A user of the platform may have given permission to the unauthorized person to view or make changes on the account and also have access to information such as user name, profile information or posts existing on the site. Moreover, the company believes that this access that has been given to the hacker might have also allowed changes and actions within the service such as inviting new users to connect.
The company stated that it aims to eliminate any potential risks for future hacks and that severe measures are taken to enhance security measures and strengthen the security of its systems. Moreover, Flipboard wants the platform’s users to know that the company has notified law enforcement about the last series of events regarding the unauthorized activity that targeted its service.