Flipboard Finally Resets User Passwords Following Nine-month Breach

There are a lot of interesting and worrisome developments going on in the technology sector these days. Flipboard, one of the more social mediums in 2019, has forced users to reset their passwords. A rather late decision, considering criminals had access to the company’s servers for multiple months.

Flipboard Finally Makes the Right Call

Operating and maintaining any social-oriented online platform is a major challenge in this day and age. Every company attempting to do so tends to hit a roadblock or fall victim to a major problem sooner or later. Twitter and Facebook have all weathered their respective storms, yet it seems Flipboard’s problems may only be beginning. The company has suffered a major data breach and took several months to notice and fix the problem.

To put this in perspective, it is expected criminals gained access to the Flipboard database several months ago. For reasons unknown, they maintained this access for nearly nine months. As such, it seems safe to assume a lot of user data has been leaked. This includes user names, email addresses, and passwords. No financial information or addresses have been taken, according to the company.

For the time being, the company is still actively investigating how many users are affected by this breach. All users have received instructions to reset their password, albeit it seems the damage has already been done. It may give the Flipboard users some peace of mind when everything is said and done, albeit the data breach itself should have never been possible. Any company taking security seriously should be able to avoid such large-scale intrusions.

Interestingly enough, it appears Flipboard has not been breached just once, but twice. More specifically, the first breach occurred between June 2018 and March 2019. A second intrusion has been mentioned which took place on April 21st and 22nd of 2019. It is uncertain if the same criminals are behind both intrusions. Assuming that is not the case, one has to wonder what is going on with the platform’s security monitoring.

It is evident criminals will continue to target commonly used social platforms for quite some time to come. Not just because those platforms are seemingly relatively easy to breach, but also because their users tend to share a lot of information which would otherwise be difficult to come by. It is one of the downsides of using social media-esque platforms in general, as they blur the lines between personal and public information on a regular basis.

For the affected users, it seems not everyone had their password reset at this time. That in itself shows there are still a lot of uncertainties and unknown factors associated with how Flipboard is handling things. Users who created or reset a password prior to March 2012 should have no issues. At the same time, that information is hashed via SHA-1, which is widely deemed to be insecure.