Flipboard was attacked by hackers, prompting the popular news aggregator to reset passwords for its entire community of around 145 million users.
Flipboard announced in a post that it had identified unauthorized access to some of its internal systems, which contained information and account credentials of some Flipboard users.
For more than nine months, the alleged hacker had access to Flipboard’s systems, potentially allowing access to obtain copies of the databases that housed users’ information.
It is not yet clear how many users were affected by the breach, but an investigation commissioned by the company revealed that the breach occurred between June 2, 2018 and March 23, 2019 and also between April 21 and 22.
The Flipboard app on an Android phone. Image: tech2
While the information in these databases included your name, Flipboard username, and email address, the passwords were protected by an encryption algorithm called bcrypt.
In explaining the effectiveness of this algorithm, Flipboard states that bcrypt adds a set of random and unique characters called sal, in addition to the usual password hashing. This encodes the password so that it is difficult to figure out, in turn, making it very difficult to crack, requiring a lot of computing power to do so.
The hacks also exposed account tokens, which essentially allow Flipboard access to account data on third-party services, such as Facebook, Google, and Samsung.
“We have not found any evidence that an unauthorized person has accessed third-party accounts connected to users’ Flipboard accounts,” the statement said. “As a precautionary measure, we have replaced or removed all digital tokens.”
“Importantly, we did not collect from users, and this incident did not involve Social Security numbers or other government-issued identifications, bank account, credit card, or other financial information,” the company said.
Flipboard, in the publication mentions that it has already notified the police of the incident and that users will have to change their password the next time they log in. Some users will also be asked to reconnect to third-party services that were previously linked to their Flipboard account.
Tech2 is now on WhatsApp. For all the latest science and technology information, subscribe to our WhatsApp services. Just go to Tech2.com/Whatsapp and hit the Subscribe button.
