Flipboard, a popular social sharing and news aggregator service used by over 150 million people, has disclosed that its databases containing account information of certain users have been hacked.
According to a public note published yesterday by the company, unknown hackers managed to gain unauthorized access to its systems for nearly 10 months—between June 2, 2018, and March 23, 2019, and then again on April 21-22, 2019.
The hackers then potentially downloaded database containing Flipboard users' real name, usernames, cryptographically (salted hash) protected passwords and email addresses, including digital tokens for users who linked their Flipboard account to a third-party social media service.
According to a breach notification email sent out to affected users and seen by The Hacker News, the company has now reset passwords for all users as a precautionary measure, forcing users to create a new strong password for their accounts.
"You can continue to use Flipboard on devices from which you are already logged in. When you access your Flipboard account from a new device or the next time you log into Flipboard after logging out of your account, you will be asked to create a new password," the company said.
Flipboard also said it had not seen unauthorized access to any third-party account and still in the process of determining the total number of affected users.
The company has also decided to replace or delete all digital tokens, making them no longer valid and therefore cannot be misused.
"We have not found any evidence the unauthorized person accessed third-party account(s) connected to users' Flipboard accounts. As a pr ..