Flipboard resets passwords after data breach exposed users' details

  • Flipboard says hackers gain unauthorized access to its databases containing user details.
  • The databases in question included users' names, encrypted passwords and email addresses.
  • Flipboard is resetting passwords for millions of users as a precautionary measure.
  • Third-party accounts aren't affected, but Flipboard is also resetting tokens.

News aggregator Flipboard is the latest to succumb to a data breach, with the service noting that hackers gained unauthorized access to its databases containing users' account information. The breach occurred between June 2, 2018 and March 23, 2019 and April 21 – 22, 2019, with hackers making copies of users' name, Flipboard usernames, cryptographically protected passwords and email addresses.

Thankfully, Flipboard doesn't collect sensitive information like credit card details or government-issued IDs. The service set up an FAQ page to provide more information about the breach:

Flipboard says it switched to salted hashing to store all user passwords created or changed after March 14, 2012, which should make it extremely hard for the hackers to crack the passwords. The service also noted that it swithced out digital tokens for third-party accounts even though it didn't see any unauthorized access.

Flipboard is still "identifying the accounts involved," but the service is resetting all users' passwords as a precautionary measure:

Flipboard also says it implemented "enhanced security measures" to prevent a further breach in the future. If you're a Flipboard user, you should reset your password. For what it's worth, Flipboard handled this situation with aplomb, resetting passwords and tokens and adding safeguards to make sure this doesn't occur again.