wordpress blog stats
Connect with us

Hi, what are you looking for?

Hackers accessed sensitive information of Flipboard users for over 9 months

Malware

News aggregator Flipboard disclosed in a recent announcement that hackers gained access to and potentially obtained copies of some of its databases containing user information between June 2, 2018 and March 23, 2019, and from April 21 to 22, 2019. Flipboard said it detected the intrusion on April 23, a day after the second hack, “after identifying suspicious activity in the environment where the databases reside”.

What information was compromised?

Flipboard, which has more than 145 million monthly active users, said it was in the process of determining how many accounts were affected. It said the compromised databases contained users’ names, Flipboard usernames, and cryptographically protected password and email addresses. For users who had connected their Flipboard account to a third-party account, including social media accounts, the compromised databases may have contained digital tokens. However, it said it had found no evidence that the unauthorized person accessed these third-party account(s). Flipboard emphasized that the database did not contain government-issued IDs, bank account details, credit card numbers, or any other financial information.

What action has Flipboard taken?

Flipboard said it had reset all users’ passwords as a precaution, and was in the process of notifying all affected users. It said all users would be prompted to create a new password when they next tried to log in. As another precaution, Flipboard said it disconnected tokens used to connect to all third-party accounts and replaced or deleted all digital tokens. This, it said, would require users who accessed Flipboard through their social media accounts to reconnect them to the platform. The company said it also hired an external security firm and launched an investigation. In addition, it implemented “enhanced security measures” and notified law enforcement.

Recent data breaches: Truecaller, Justdial, Amazon India

  • Last month, the Economic Times reported that the private data of users of caller ID and UPI payments app Truecaller – including names, phone numbers and email addresses – was available for purchase on the so-called dark web. It said the data of Indian users was being sold for about €2,000 (approx Rs 1.55 lakh), while that of global users was priced as high as €25,000 (approx Rs 19.5 lakh). A Truecaller spokesperson told MediaNama that the company’s database had not been breached, but said it was possible that some malicious users had been abusing their Truecaller accounts to collect phone numbers in violation of the company’s terms of service.
  • In April, Justdial suffered a data breach that leaked the data of more than 100 million users, including name, email, mobile number, gender, date of birth, photo, company and occupation. More than 70% of the data belonged to users who had called Justdial’s “8888888888” number but the data of unregistered users may also have been leaked.
  • Amazon India faced a data breach in January in which sellers’ data from their merchant tax reports was exposed to other sellers. The breach came to light when sellers logged on to Amazon to download their monthly merchant tax reports, which had information such as sales volume across categories, orders processed, and inventory.

You May Also Like

News

A database of phone numbers of around 500 million Facebook users is up for sale on Telegram, even allowing customers to look up these...

News

Large troves of personal and sensitive data belonging to investors on crypto-currency exchange BuyUCoin has been leaked on the dark web. The data leak...

News

As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...

News

Sensitive card data belonging millions of Indians has been compromised and leaked on the dark web due to a security comprise at a server...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ