It was reported yesterday that the online graphic-design tool website Canva was massively breached wherein a hacker pilfered upwards of 139 million accounts of registered users.
Now, according to the security notice published by the company, Flipboard, the highly popular social sharing and news aggregation app, has been hacked twice in a limited timeframe.
According to Flipboard, its databases were accessed between 2 June, 2018 and 23 March, 2019 and 21 April 2019 and 22 April, 2019 during which the hacker managed to gain copies of databases comprising Flipboard’s user information.
More than 150 million people access Flipboard every month. The company claims that the hackers downloaded the databases, which contained not only usernames and salted hash passwords but real names, email IDs, digital tokens that listed members use to link to their Flipboard account through a social media platform also came under attack.
Flipboard still hasn’t clarified the number of users impacted by this lengthy data breach, which continued almost ten months. The company went on to explain that the passwords that were changed or created before 14 March, 2012 were guarded by a fairly weak SHA-1 algorithm.
Breach notification have been sent to the affected users via emails, with Flipboard also resetting the passwords for all of its users to be on the safe side. Users are also advised to choose from stronger passwords to keep their accounts secure.
After revealing the breach, Flipboard notified its users in its official statement that users who connect to Flipboard using their social media accounts such as Google, Facebook, or Twitter, can continue using them without any worry because Flipboard doesn’t store the passwords for third-party platforms in its database and instead offers digital tokens.
It is notable that the invasion was noticed a day after the second hack occurred, that is, on 23 April, 2019 when the suspicious activity was recognized at the site where the database was stored. Law enforcement agencies have also been informed about the hack attack.