Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security News Technology

Flipboard Says Hackers Stole User Details (zdnet.com) 33

Flipboard, a news aggregator service and mobile news app, notified users this week of a security incident during which hackers had access to internal systems for more than nine months. From a report: In a series of emails seen by ZDNet that the company sent out to impacted users, Flipboard said hackers gained access to databases the company was using to store customer information. Flipboard said these databases stored information such as Flipboard usernames, hashed and uniquely salted passwords, and in some cases, emails or digital tokens that linked Flipboard profiles to accounts on third-party services. The good news appears to be that the vast majority of passwords were hashed with a strong password-hashing algorithm named bcrypt, currently considered very hard to crack.
This discussion has been archived. No new comments can be posted.

Flipboard Says Hackers Stole User Details

Comments Filter:
  • by Gravis Zero ( 934156 ) on Wednesday May 29, 2019 @12:01PM (#58672592)

    Flipboard is a news aggregator and social network aggregation company based in Palo Alto, California, with offices in New York, Vancouver and Bejiing. Its software, also known as Flipboard, was first released in July 2010.

    Was that too much to include in the summary?

    • by Anonymous Coward

      It's bloatware that shipped with previous Samsung Galaxy phones that you couldn't disable and would constantly swipe to by accident.

      • It's bloatware that shipped with previous Samsung Galaxy phones that you couldn't disable and would constantly swipe to by accident.

        I mainly remember it as the most prominent piece of shovelware on my first smartphone. I think that I finally got it out of my face, but it took some research.

        I'm kind of surprised that it's still around, or that anybody would actually set up an account with it.

  • The good news appears to be that the vast majority of passwords were hashed with a strong password-hashing algorithm

    Is it not pretty bad news that some of them were *not* hashed with a strong algorithm?

    In fact doesn't this kind of imply some of what was captured were completely unhashed passwords, which is very bad indeed?

    After all there's no reason a company would be using multiple kinds of hashing, so if a password was not hashed using the strong algorithm, that would make me think at that point of captur

    • by jrumney ( 197329 )
      Not completely unhashed. According to the mail they sent out, if you didn't change your password since March 2012, it will be hashed as SHA-1 instead of bcrypt.
  • by ledow ( 319597 ) on Wednesday May 29, 2019 @01:15PM (#58673094) Homepage

    Cool.

    Now can someone uninstall the fecking thing from my Samsung phone?

    Apparently, because of Samsung, it just always gets forcibly reinstalled from the Play Store and the factory-version is permanently on there.

    I have literally never even loaded it. I only know the name because it's forcibly installed and I don't even care what it is.

    I only wish this phone was properly rootable but it's a bit niche (EU 4G version of the S5 Mini). The S4 Mini I used to have runs LineageOS perfectly without all the crap.

  • I remember installing this... and uninstalling it 5 minutes later. I don't get how this is better than getting your news literally any other way.
    • by jrumney ( 197329 )
      The original iPad only version was quite nice, like reading a real magazine. When they decided to chase marketshare to satisfy the investors and dumbed it down to run on small screens, it became just another RSS reader.

Life is a whim of several billion cells to be you for a while.

Working...