After being hit by a data breach news aggregation site Flipboard has informed users that it had reset their passwords.
According to Flipboard, hackers gained access to data between for close to nine months 2 June 2018 and 23 March 2019, plus a short window between 21 and 22 April 2019. These databases contained information such as usernames, hashed passwords and in some cases, emails or digital tokens that linked user’s profiles to third-party services.
The company sent out a statement to its users informing them of the hackers had gained access to the databases it uses to store customer information.
The company assured users that until now, they have not found evidence that the data breach led to the perpetrator gaining access to any of the third party accounts — such as Facebook, Google, or Twitter — which are linked with Flipboard user’s accounts.
Flipboard recommended that users change their passwords.
“Our advice is to ignore the uncertainty over how many users are affected and manually change the password to something secure as soon as possible. If you’ve not changed your password since March 2012, that becomes an absolute must. You can continue to use Flipboard on devices from which you are already logged in. When you access your Flipboard account from a new device, or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password,” the company said in a statement.
Hackers were able to access the digital tokens that connect Flipboard to third-party accounts and the company since disconnected tokens used to connect to all third-party accounts, and in collaboration with our partners, we replaced all digital tokens or deleted them where applicable.
They also implemented enhanced security measures and continue to look for additional ways to strengthen the security of their systems and notified law enforcement.