Flipboard is a service that brings together all news, articles and publications of interest to you from various blogs, newspapers, magazines, etc. and lets you see them all together without having to waste time search for it yourself. Flipboard Inc., the company behind this service, has announced to its users that it has been hacked, with the result that attackers gain access to the company's systems. It is said that this has been happening for more than nine months.
The company informed customers who were affected through e-mail. In the email they wrote, hackers had access to databases that were used by the company to store customer data.
The information contained in the databases was as follows: user names, encrypted codes access and, in some cases, email or digital tokens that link Flipboard profiles to accounts with other services.
However, the company had taken care to protect user passwords. Most codes were encrypted with a powerful fragmentation algorithm, codenamed bcrypt. Codes encrypted in this way are very difficult to break.
There were also some codes that were not so protected as they were encrypted with a weaker algorithm, SHA-1, but there were not many.
Flipboard Inc. does not yet know the exact number of accounts affected by infringement. He said they are still investigating the case and trying to determine the total number. The only sure thing is that all accounts were not affected.
For prudential reasons, the company has already begun the process of changing passwords for all users, whether they are affected or not.
Also, all the digital tokens used by users to link the Flipboard to other accounts (e.g., Facebook, Twitter, Google, etc.) have been replaced.
Flipboard said that the investigation so far has shown no evidence to suggest that others have been infringed accounts, associated with the Flipboard.
Although the company had taken care to protect its customers to a certain extent, however, it can not be denied that this is a quite extensive violation, if we also think about the length of time hackers had access to the systems. A total of nine months.
Hackers have violated the company's systems twice. The first time, they had access from 2 June 2018 to 23 March 2019 and the second time from 21 April to 22 April 2019.
The incident was noticed by the Flipboard on 23 April, immediately after the second invasion, as the company searched its database network.
The Flipboard has also informed the authorities of the violation.