According to an article from Tumblr, it has accepted the fact that a security breach existed in its system that could have allowed a major leak of personal information and data of a majority of its users. The affected information included user’s email addresses, protected (hashed and salted) account passwords, self-reported location (a feature no longer available), previously used email addresses, last login IP addresses, and names of the blog associated with every account.
According to the company, the bug was reported by a researcher through the company’s bug bounty program. Although the company hasn’t disclosed the name of the researcher. The company did inform me that the bug resided in the ‘recommended blogs’ feature on the website. Tumblr disclosure comes less than a week after Facebook announced its worst-ever security breach that allowed attackers to steal personal information, including secret access tokens, for 30 million users.
Also, over a week ago Google announced the shut down of its social media network Google+ following a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers.
Also, read – Hacked Facebook logins for sale on the Dark Web for $3.