Skip to main content
  1. Home
  2. Computing
  3. News

Flipboard hack prompts password reset for millions of users

By

Flipboard has been targeted by hackers, prompting the company to perform a password reset for its community of around 145 million users.

Upon learning of the hack, the Palo Alto, California-based social media and news aggregator informed law enforcement and also contacted an external security firm. Investigators confirmed that hackers had “accessed and potentially obtained copies of certain databases containing Flipboard user information” between June 2, 2018 and March 23, 2019, and also on April 21 and 22, 2019.

Recommended Videos

The stolen information extended to some users’ account information, including names, Flipboard usernames, cryptographically protected passwords, and email addresses.

Related

Flipboard uses a technique called “salted hashing” to improve the security of users’ passwords, and the company confirmed that no passwords had been stored in plain text.

It said, however, that as a precautionary measure it had decided to reset all users’ passwords.

“When you access your Flipboard account from a new device, or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password,” the company explained in a message on a special webpage offering updates on the security breach. If your original Flipboard password is the same for any other online services that you use, you’re urged to change it for those services, too.

The company added that if anyone connected their Flipboard account to a third-party account — including social media accounts — then the databases may have contained digital tokens for connecting their Flipboard account to that third-party account. The company said it hasn’t found any evidence of the hackers accessing any third-party account connected to users’ Flipboard accounts. But, erring on the side of caution, it has decided to replace or delete all digital tokens, meaning you’ll have to reconnect Flipboard to those services. Details on how to do so can be found on this Flipboard webpage, which also contains an extensive FAQ section related to the breach.

Flipboard said it’s still identifying precisely which user accounts were caught up in the hack. It was also keen to point out that it holds no information such as Social Security numbers, bank account, credit card, or other financial information, and therefore such data was not involved in the hack.

The company assured users that it has already implemented “enhanced security measures” to prevent a similar kind of incident from occurring in the future.

The incident is just the latest in a string of online security incidents that have come to light in recent months, with Facebook, 500px, and Quora among those targeted.

Editors’ Recommendations

Topics
Trevor Mogg
Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Microsoft just gave you a new way to stay safe from viruses
A dark mystery hand typing on a laptop computer at night.

Microsoft has just taken a vital step towards better protecting your devices from malware, and it’s one that could stop viruses dead in their tracks. Interestingly, though, the Redmond giant seems to have made no mention of the change, despite its significance.

The new policy might sound minor on the surface: Microsoft’s SharePoint cloud storage service can apparently now scan files that are encrypted or password-protected. Previously, this wasn’t thought to be possible.

Read more
Google just made this vital Gmail security tool completely free
google makes gmail dark web monitoring free laptop stephen phillips

Hackers are constantly trying to break into large websites to steal user databases, and it’s not entirely unlikely that your own login details have been leaked at some point in the past. In cases like that, upgrading your password is vital, but how can you do that if you don’t even know your data has been hacked?

Well, Google thinks it has the answer because it has just announced that it will roll out dark web monitoring reports to every Gmail user in the U.S. This handy feature was previously limited to paid Google One subscribers, but the company revealed at its Google I/O event that it will now be available to everyone, free of charge.

Read more
This clever browser extension could banish viruses for good
A person using a laptop on a desk with a web browser showing the HubSpot marketplace on their screen.

With all the viruses, phishing scams and other malware lurking on the internet, using a web browser can be risky business these days. But one firm thinks it could make your web surfing much safer without adding any hassle.

A company named SquareX has just raised $6 million to develop an extension that would create virtual sandboxes within your web browser. Any time you’re tempted to open a file or click a link that comes from an unknown sender or could potentially pose a threat, SquareX’s extension would step in and let you open it in a kind of disposable browser.

Read more