What you need to know
- Flipboard says hackers gain unauthorized access to its databases containing user details.
- The databases in question included users' names, encrypted passwords and email addresses.
- Flipboard is resetting passwords for millions of users as a precautionary measure.
- Third-party accounts aren't affected, but Flipboard is also resetting tokens.
News aggregator Flipboard is the latest to succumb to a data breach, with the service noting that hackers gained unauthorized access to its databases containing users' account information. The breach occurred between June 2, 2018 and March 23, 2019 and April 21 – 22, 2019, with hackers making copies of users' name, Flipboard usernames, cryptographically protected passwords and email addresses.
Thankfully, Flipboard doesn't collect sensitive information like credit card details or government-issued IDs. The service set up an FAQ page to provide more information about the breach:
We recently identified unauthorized access to some of our databases containing certain Flipboard users' account information, including account credentials. In response to this discovery, we immediately launched an investigation and an external security firm was engaged to assist.
Findings from the investigation indicate an unauthorized person accessed and potentially obtained copies of certain databases containing Flipboard user information between June 2, 2018 and March 23, 2019 and April 21 – 22, 2019.
The databases involved contained some of our users' account information, including name, Flipboard username, cryptographically protected password and email address.
Flipboard says it switched to salted hashing to store all user passwords created or changed after March 14, 2012, which should make it extremely hard for the hackers to crack the passwords. The service also noted that it swithced out digital tokens for third-party accounts even though it didn't see any unauthorized access.
Flipboard is still "identifying the accounts involved," but the service is resetting all users' passwords as a precautionary measure:
As a precaution, we have reset all users' passwords, even though the passwords were cryptographically protected and not all users' account information was involved. You can continue to use Flipboard on devices from which you are already logged in. When you access your Flipboard account from a new device, or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password.
As another precautionary step, we disconnected tokens used to connect to all third-party accounts, and in collaboration with our partners, we replaced all digital tokens or deleted them where applicable.
Flipboard also says it implemented "enhanced security measures" to prevent a further breach in the future. If you're a Flipboard user, you should reset your password. For what it's worth, Flipboard handled this situation with aplomb, resetting passwords and tokens and adding safeguards to make sure this doesn't occur again.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Step into your favorite film with a pair of 3D glasses
Experience movies and video games in the most realistic way with a pair of 3D glasses. Our guide has the best to help you narrow down your choice.