It’s sad to say, but hacks and data breaches have become a daily occurrence in our digital lives. An insecure server can spell doom for any user base, so investing in top-notch security has become a must for most platforms. The problem has gotten so bad that even hackers are being paid by companies to pinpoint security flaws and bolster defenses.
Despite the best efforts of developers and admins, new platforms continue to get hacked all the time. A recent breach of one of the most popular news aggregation apps is already making waves in the world of cybersecurity. Hackers were able to break into the backdoor of the app — potentially stealing databases containing email addresses, usernames, and passwords. Even worse — this app connects with all the most popular social networks on the web, meaning hackers might have access to your other accounts as well!
If you care about securing your data or just want to know if you were affected by this breach, you’ll want to read on for all of the details. We break down exactly what could have been taken by hackers, and how you can protect yourself against identity theft or worse.
What platform was affected by this new data breach?
Flipboard is a popular news and content aggregation app that uses your social media accounts to create its feed. In a nutshell, it gives users a way to experience content from multiple accounts in one place — with Instagram, Facebook, and Twitter all able to connect.
Because of this unique connectivity between platforms, the app was a ripe target for hackers — who managed to infiltrate it twice over a period of nearly a year between June 2018 and April 2019.
They were able to gain what Flipboard is calling “unauthorized access” to databases on the app’s servers. These databases are filled with private user information, including usernames, passwords, email addresses, and actual names.
According to a security notice posted by Flipboard, hackers may have copied user data from the compromised databases. This means that if you were logged into Flipboard during the period of attack, your personal information may be at risk of compromise.
What can I do to protect myself from this data breach?
Thankfully, Flipboard hasn’t taken the attack lying down and has beefed up its security in response. In addition, it emphasized the fact that it’s reset “login tokens” between connected platforms and its service.
This means Flipboard didn’t save login information about your other social media accounts, so you shouldn’t have to worry about those being compromised if your data was affected by the hack. It also emphasized that not every account was accessed via the breach, and said it would alert users if they attempted to log in.
That being said, if you use the same password across all of your accounts, your risk might still exist. Hackers may not be able to immediately log in using your credentials, but your Flipboard account does show which platforms you’ve connected to it.
This makes it easy for them to try the password that they already have (a common technique for gaining access) on all of your social networks.
For now, the best course of action would be to change your password on Flipboard, as well as any passwords for accounts you connected to the service. If you still wish to use these accounts with Flipboard, you’ll need to re-connect them due to the company’s reset of login tokens.
More than anything, this hack shows how critical it is to maintain separate secure passwords for every site you visit. A simple educated guess from a hacker could lead to your personal data being siphoned and sold to shady figures on the dark side of the web.
Keep your passwords plentiful and complex, and don’t give them the opportunity to wreak havoc over your social life. The harder they’ll have to work, the less likely they are to bother with your business.
Update: In response to the data breach, Flipboard has officially alerted users with more background on the incident, as well as steps they can take to mitigate any potential risks. According to Flipboard, user passwords are uniquely encrypted, but all passwords have been reset out of precaution in light of the breach. The company recommends all users reset their passwords, and reassures them that no information like social security numbers, bank accounts, or credit cards were stored on their systems for hackers to take.