MANILA, Philippines – News aggregation website Flipboard disclosed earlier this week that it had been a victim of a long-running operation that may have taken "a subset of user data," including the real name, username, cryptographically protected password, and email addresses of some of its users.
According to a post updated on Tuesday, May 28, the attacker gained access to the systems in two separate occasions.
The attacker "potentially obtained copies of certain databases containing Flipboard user information between June 2, 2018 and March 23, 2019 and April 21 to 22, 2019."
The team found out about the unauthorized activity from April 21 to 22 of this year on April 23 as a result of investigating the suspicious activity they had noticed earlier on March 23.
Following the incident, Flipboard has reset the passwords of all its users, forcing them to make new passwords for their accounts as a security measure.
It has also replaced or otherwise deleted the digital tokens used to connect a Flipboard account to a third-party service to prevent a potential misuse of those tokens. – Rappler.com
Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.