Skip to main content

Flipboard hack prompts password reset for millions of users

Flipboard has been targeted by hackers, prompting the company to perform a password reset for its community of around 145 million users.

Upon learning of the hack, the Palo Alto, California-based social media and news aggregator informed law enforcement and also contacted an external security firm. Investigators confirmed that hackers had “accessed and potentially obtained copies of certain databases containing Flipboard user information” between June 2, 2018 and March 23, 2019, and also on April 21 and 22, 2019.

Recommended Videos

The stolen information extended to some users’ account information, including names, Flipboard usernames, cryptographically protected passwords, and email addresses.

Please enable Javascript to view this content

Flipboard uses a technique called “salted hashing” to improve the security of users’ passwords, and the company confirmed that no passwords had been stored in plain text.

It said, however, that as a precautionary measure it had decided to reset all users’ passwords.

“When you access your Flipboard account from a new device, or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password,” the company explained in a message on a special webpage offering updates on the security breach. If your original Flipboard password is the same for any other online services that you use, you’re urged to change it for those services, too.

The company added that if anyone connected their Flipboard account to a third-party account — including social media accounts — then the databases may have contained digital tokens for connecting their Flipboard account to that third-party account. The company said it hasn’t found any evidence of the hackers accessing any third-party account connected to users’ Flipboard accounts. But, erring on the side of caution, it has decided to replace or delete all digital tokens, meaning you’ll have to reconnect Flipboard to those services. Details on how to do so can be found on this Flipboard webpage, which also contains an extensive FAQ section related to the breach.

Flipboard said it’s still identifying precisely which user accounts were caught up in the hack. It was also keen to point out that it holds no information such as Social Security numbers, bank account, credit card, or other financial information, and therefore such data was not involved in the hack.

The company assured users that it has already implemented “enhanced security measures” to prevent a similar kind of incident from occurring in the future.

The incident is just the latest in a string of online security incidents that have come to light in recent months, with Facebook, 500px, and Quora among those targeted.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Bing Chat just beat a security check to stop hackers and spammers
A depiction of a hacker breaking into a system via the use of code.

Bing Chat is no stranger to controversy -- in fact, sometimes it feels like there’s a never-ending stream of scandals surrounding it and tools like ChatGPT -- and now the artificial intelligence (AI) chatbot has found itself in hot water over its ability to defeat a common cybersecurity measure.

According to Denis Shiryaev, the CEO of AI startup Neural.love, chatbots like Bing Chat and ChatGPT can potentially be used to bypass a CAPTCHA code if you just ask them the right set of questions. If this turns out to be a widespread issue, it could have worrying implications for everyone’s online security.

Read more
Bing Chat’s ads are sending users to dangerous malware sites
Bing Chat shown on a laptop.

Since it launched, Microsoft’s Bing Chat has been generating headlines left, right, and center -- and not all of them have been positive. Now, there’s a new headache for the artificial intelligence (AI) chatbot, as it’s been found it has a tendency to send you to malware websites that can infect your PC.

The discovery was made by antivirus firm Malwarebytes, which discussed the incident in a blog post. According to the company, Bing Chat is displaying malware advertisements that send users to malicious websites instead of filtering them out.

Read more
Update your Apple devices now to fix these dangerous exploits
A person using a laptop with a set of code seen on the display.

If you’re an Apple user -- whether you have a Mac, an iPhone, an iPad, or an Apple Watch -- you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

Read more