Tumblr Security Flaw, Exposes User Passwords and IP Addresses

Twitter alarmed about Tumblr Security flaw today morning. A tweet from an user comes as the main reason for this alarm. The Security flaw spotted in Tumblr rated as Highly Critical. It exposes the user names, passwords, server ip addresses, API keys and Personal information.

Tumblr

Tumblr has reacted very quick to fix the bug, which was the reason behind this confidential data exposed. Tumblr also sent an official message to its users saying that the bug in their system had been rectified.

A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result.

We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised. We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always. This was an embarrassing error, but something we were prepared for.

The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again.

Please let us know if you have absolutely any questions.

Experts do think that the problem has caused because of PHP code. However, there is no official confirmation about the exact spot from Tumblr yet. Whats your opinion about this bug. Please do comment about it.

via [Mashable]

About the Author: Robin C

Security Consultant, Engineer, Technology Enthusiast and Blogger.

You May Also Like

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.