Flipboard suffered a security breach that exposed encrypted names and passwords

Flipboard suffered a security breach that exposed encrypted names and passwords
Flipboard suffered a security breach that exposed encrypted names and passwords

Flipboard joins the list of companies that acknowledge having suffered a security breach, and this time not only recognizes that data such as names, user names and encrypted passwords (no identity documents, cards or bank accounts) were exposed, but an unauthorized person had access to them and was probably made with copies of databases with information about service users.

How to prevent iOS iPhone apps from sending your personal info to 3rd parties

According to Flipboard, this information to which the person could have access contained data between June 2, 2018 and March 23, 2019 and between April 21 and 22, 2019. The problem was identified on April 21, while investigating suspicious activity on March 23, 2019. Flipboard has notified the authorities, something mandatory with the RGPD.

W3C and WHATWG will jointly develop the HTML specification in the future

The passwords were cryptographically protected, but still they ask you to change it

While recognizing the breach and the malicious access of the person, Flipboard says that the passwords were protected by salted hashing, whose advantage is, as we know, that in no case is it necessary to store them in plain text, and that deciphering them is a very complex task. Passwords that have not been changed since March 14, 2012 have salt and hash protection with SHA-1, while those that have been established since that time use a hash algorithm with the bcrypt function.

Read More Stories: Forensics: How the blockchain convicts criminals

Flipboard is more cautious when talking about access to third-party accounts (typical with Gmail, Facebook, Twitter, etc.), whose tokens could be in the exposed databases, and which could have been used to access reader accounts of news. However, they claim that they have not found evidence that there have been unauthorized access by the person who made the databases. To prevent subsequent evils, Flipboard ensures that they have replaced or eliminated such digital tokens.

Google does not support the new YouTube from Microsoft Edge based on Chromium

The next time Flipboard users access the service, they will need to change their password, as they will ask for it compulsorily or, in the case of having accessed with third party accounts, re-granting Flipboard access to their start data. session. The company offers in its help page more information for the reset of the password.

Read More Stories: Fake news has more engagement than real information, study reveals

SHARE
Previous articlePretty Easy Privacy (PEP): Simple email encryption can be so complicated
Next articleTCPCRYPT: IETF releases two RFCs for TCP encryption
Aakash Molpariya
Aakash started in Nov 2018 as a writer at Revyuh.com. Since joining, as writer, he is mainly responsible for Software, Science, programming, system administration and the Technology ecosystem, but due to his versatility he is used for everything possible. He writes about topics ranging from AI to hardware to games, stands in front of and behind the camera, creates creative product images and much more. He is a trained IT systems engineer and has studied computer science. By the way, he is enthusiastic about his own small projects in game development, hardware-handicraft, digital art, gaming and music. Email: aakash (at) revyuh (dot) com

LEAVE A REPLY