Home > Cyber News > Flipboard Hacked: Criminals Acquired Account Data

Flipboard Hacked: Criminals Acquired Account Data

The popular Flipboard online service has been hacked by an unknown criminal collective. According to the published information by the company unknown hackers have been able to hijack a database containing the credentials of the registered users.

Hackers Hijacked Flipboard’s Database Full of Account Credentials

The Flipboard online service has been hacked by an unknown group of criminals. This is one of the most popular news aggregation sites which is actively being used by millions of people and the incident is rated as severe. The reason for this is because the attackers have gained access to the databases containing important credentials. The list of hijacked data includes these values: usernames, email addresses, passwords in hashed forms and the account tokens for third-party social media profiles. In their security announcement the company states that there have been two periods during which the hacks have taken place — between June 2, 2018 and March 23, 2019 and April 21 – 22, 2019.

Related: [wplinkpreview url=”https://sensorstechforum.com/12564-mongodb-databases-deleted/”]12,564 Unsecured MongoDB Databases Deleted by Attackers

Active Flipboard users have received a service email informing them that their passwords have been reset. Whenever they login next time they will be requested to supply a new one. And even though the hijacked one is in hashed form and it can be very difficult to decipher it the service strongly recommends that it is not used anywhere else on the Internet. The new password that is to be supplied by the user should follow the best security practices — it should be unique to the service, be of sufficient length and contain both alphanumeric and special characters to make it more difficult to crack.

The dangerous aspect of this hack is that we anticipate that Flipboard phishing scams can be launched soon due to the fact that the criminals have hijacked email addresses and names. They can be used to automatically generate personalized fake messages containing stolen or hacker-modified content attributed to the service. For more information you can read the announcement.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share