The hackers accessed the databases “more than once” between June 2, 2018, and March 23, 2019, as well as between April 21, 2019, and April 22, 2019.
Compromised user account information includes usernames, email addresses, and passwords.
The databases also had digital tokens that are used to log into Flipboard accounts with third-party websites and social media platforms like Facebook, Google, and Twitter. Flipboard says they didn’t find any evidence that the tokens were used to get into users’ accounts, though it deleted and replaced them just in case.
The security breaches didn’t affect every Flipboard user. Also, the breaches didn’t involve social security numbers, bank account information, credit card numbers, or any other government-issued IDs and financial information. The investigation is still ongoing, though Flipboard has already notified law enforcement of the incidents.
Flipboard also noted that compromised passwords were salted and hashed. However, older passwords that weren’t updated since March 2012 aren’t protected by stronger encryption technology. Flipboard’s investigation is still ongoing, so we should have more information soon.
As a precautionary measure, Flipboard reset all of its 145 million users’ passwords. That means you’ll have to come up with a new one the next time you sign in. Alternatively, you’ll have to re-verify your third-party account if you previously used on to sign in.
Source Credit Attribution: https://www.androidauthority.com/flipboard-data-breach-passwords-992346/