Some Tumblr Users May Have Had Their Data Breached

November 1, 2018

Written by wukovits

some tumblr users may have had their data breachedDo you use Tumblr?  If so, be aware that your personal information may have been exposed.

Tumblr recently added a feature called “Recommended Blogs” that presents you with a list of blogs you might enjoy based on your past viewing habits.  It’s a great idea in theory, but unfortunately, there were problems with the way the feature was implemented.

Any blog on the recommended list was placed there in such a way that it left the blog owner’s personal information exposed, including:

  • IP Address
  • Self-Reported location
  • Email Address
  • Password

Tumblr had this to say in an open letter published on their site:

“It’s our mission to provide a safe space for people to express themselves freely and form communities around things they love.  We feel that this bug could have affected that experience.  We want to be transparent with you about it.  In our view, it’s’ simply the right thing to do.

We found no evidence that this bug was abused and there is nothing to suggest that unprotected account information was accessed.”

Even if you’ve never seen your Tumblr blog on the recommended list, your best bet is to change your password immediately. As usual, if you use the same password for Tumblr that you use on any other web property, change that password too.

Now would be a great time to break yourself of the habit of using the same password across multiple websites.  Continuing that practice makes you a ticking bomb.  Sooner or later, it’s going to explode on you, with tragic consequences that could take years to fully recover from.

We applaud Tumblr’s handling of this issue.  At a time with other social media platforms are under fire for their handling of security flaws, Tumblr’s transparency is refreshing indeed.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Major Cyber Attack at OMV

Louisiana’s Office of Motor Vehicles (OMV) is one of a still undetermined number of government entities, major businesses, and organizations to be affected by an unprecedented Data Breach.There is no indication at this time that cyber attackers who breached MOVEit...