Breaking Flipboard Hacked, Users Details are Exposed

  • Thread starter Thread starter Abhinav
  • Start date Start date
  • Replies Replies: Replies 5
  • Views Views: Views 802

Abhinav

Staff member
Moderator
Joined
1 Feb 2019
Messages
3,203
Solutions
3
Reaction score
6,882
Flipboard Disclosed that hackers gained access to their databases twice. First between June 2, 2018, and March 23, 2019, and second between April 21 and April 22, 2019.

The data which was potentially downloaded several times over a nine-month period ending on April 22 included user credentials.

In email sent to users the company said that The databases involved may have contained your name, Flipboard username, cryptographically protected password, and email address.

Flipboard Says Hackers Stole User Details
 
Now Samsung should seriously considering getting rid of Flipboard from its preinstalled app list. They have tie-up with this crap app for news feeds where as there are lot of better services.
 
Now Samsung should seriously considering getting rid of Flipboard from its preinstalled app list. They have tie-up with this crap app for news feeds where as there are lot of better services.

It was actually a very good app with refreshing UI in the beginning. I loved it during my galaxy note era. Infact i installed it on my next device which was not even Samsung. But then it became crap in due course that i have to uninstall it.😑😑
 
I used Flipboard in the initial days, used to like it. I switched to Taptu due to few issues with Flipboard. Taptu was discontinued from the Devs, so now I use only Feedly!
 
Notice of Security Incident
Dear Flipboard Community,
We are writing to let you know about a security incident we recently identified and addressed involving a subset of user data. We know transparency is important to our community, and we want to share with you what we have learned from our investigation, measures we have taken, as well as steps you can take.
What happened
We recently identified unauthorized access to some of our databases containing certain Flipboard users’ account information, including account credentials. In response to this discovery, we immediately launched an investigation and an external security firm was engaged to assist. Findings from the investigation indicate an unauthorized person accessed and potentially obtained copies of certain databases containing Flipboard user information between June 2, 2018 and March 23, 2019 and between April 21 - 22, 2019.
What information was involved
The databases involved may have contained your name, Flipboard username, cryptographically protected password and email address.
Flipboard has always cryptographically protected passwords using a technique known by security experts as “salted hashing”. The benefit of hashing passwords is that we never need to store the passwords in plain text. Moreover, using a unique salt for each password in combination with the hashing algorithms makes it very difficult and requires significant computer resources to crack these hashed passwords. If you created or changed your password after March 14, 2012, it is hashed with a function called bcrypt. If you have not changed your password since then, it is uniquely salted and hashed with SHA-1.
Additionally, if you connected your Flipboard account to a third-party account, including social media accounts, then the databases may have contained digital tokens used to connect your Flipboard account to that third-party account. We have not found any evidence the unauthorized person accessed third-party account(s) connected to your Flipboard accounts. As a precaution, we have replaced or deleted all digital tokens.
Importantly, we do not collect from users, and this incident did not involve, Social Security numbers or other government-issued IDs, bank account, credit card, or other financial information.
What we are doing
As a precaution, we have reset all users’ passwords, even though the passwords were cryptographically protected and not all users’ account information was involved. You can continue to use Flipboard on devices from which you are already logged in. When you access your Flipboard account from a new device, or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password.
As another precautionary step, we disconnected tokens used to connect to all third-party accounts, and in collaboration with our partners, we replaced all digital tokens or deleted them where applicable.
Additionally, to help prevent something like this from happening in the future, we implemented enhanced security measures and continue to look for additional ways to strengthen the security of our systems. We also notified law enforcement.
What you can do
You can continue to use Flipboard without further action. However, next time you log into your account, you will notice your Flipboard account password needs to be updated. You will find instructions on our support page (linked below) explaining how to create a new password. Also, if you use the same username and password you created for Flipboard for any other online service, we recommend you change your password there, too.
If you connected your Flipboard account to a third-party account to see its content, you may notice in some cases that you need to reconnect it. On our support page you will also find instructions for how to do this.
Where to find more information
We deeply regret this incident happened. For more information and answers to frequently asked questions, we have created a support page with more details about the incident.
Sincerely,
The Flipboard team
 
Back
Top Bottom