In the recent strings of data breaches, Flipboard is the latest victim.
Flipboard, which is the news aggregation app announced a day ago in a post that they have identified unauthorized access to some of its internal servers. These internal servers contained the account information as well as credentials of the Flipboard users.
According to the post, the unknown person had access to the systems of Flipboard for nearly 9 months and they were also able to make entire copies of the databases that were hosting user information.
It is still unclear as to how many users have to feel for this breach but an investigation commissioned by Flipboard revealed that the unauthorized access occurred from in between June 2018 to April 2019.
Most passwords still remain secure:-
The information on these databases mostly included the name of users of Flipboard as well as their username and the email addresses. As for the passwords they were protected from the breach due to them being safe cryptographically with the help of an algorithm called “Bcrypt”.
This algorithm is able to add in a random set of characters to the user’s password in what is called “Salt” to make the password scrambled and also difficult to be figured out. In order to crack this scrambled password to the original one, one needs a sufficient amount of computing power.
Flipboard also announced that in light of this recent breach, they have reset nearly all of the passwords despite only a few of the users being fully affected by this breach.
Third-party accounts not accessed:-
Flipboard also revealed that its internal databases also had Digital Token which allowed Flipboard to be connected with Third-party apps. For example, it allows a user to link the Flipboard account to their social media account such asTwitter, Facebook, Google, etc.
This third-party connection allows the user to see the content from these third-party accounts as well as comment or share those articles. As per the company’s announcement that they did not saw any such unauthorized access to these third-party accounts.
Flipboard also said that they have announced this breach to the law enforcement authorities when it was discovered back on April 23rd.
As for users, Flipboard recommends them to change their passwords on their next login.