Twitter alarmed about Tumblr Security flaw today morning. A tweet from an user comes as the main reason for this alarm. The Security flaw spotted in Tumblr rated as Highly Critical. It exposes the user names, passwords, server ip addresses, API keys and Personal information.
Tumblr has reacted very quick to fix the bug, which was the reason behind this confidential data exposed. Tumblr also sent an official message to its users saying that the bug in their system had been rectified.
A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result.
We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised. We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always. This was an embarrassing error, but something we were prepared for.
The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again.
Please let us know if you have absolutely any questions.
Experts do think that the problem has caused because of PHP code. However, there is no official confirmation about the exact spot from Tumblr yet. Whats your opinion about this bug. Please do comment about it.