Stack Overflow, one of the largest question and answer site for programmers, revealed today that unknown hackers managed to exploit a bug in its development tier and then almost a week after they gained unauthorized access to its production version.
Founded by Jeff Atwood and Joel Spolsky in 2008, Stack Overflow is the flagship site of the Stack Exchange Network. With 10 million registered users and over 50 million unique visitors every month, Stack Overflow is very popular among professional and enthusiast programmers.
In an older version of the announcement published by Mary Ferguson, VP of Engineering at Stack Overflow, the company confirmed the breach but said it did not find any evidence that hackers accessed customers' accounts or any user data.
However, the updated announcement now says that after sitting quiet for a week, hackers executed privileged web requests, but were able to gain access to a very small portion of data, including IP address, names, and email address—and that for only a small number of users.
"Between May 5 and May 11, the intruder contained their activities to exploration. On May 11, the intruder made a change to our system to grant themselves a privileged access on production. This change was quickly identified and we revoked their access network-wide, began investigating the intrusion, and began taking steps to remediate the intrusion."
"We can now confirm that our investigation suggests the requests in question affected approximately 250 public network users. Affected users will be notified by us," Ferguson said.
The company also revealed hackers exploited a bug that was introduced in a recently deployed built to the development tier for the Stack Overflow website.
Stack Overflow said the company is patching all known vulnerabilities.
"We discovered and investigated the extent of the access and are addressing all known vulnerabilities," Ferguson said.
"As part of our security procedures to protect sensitive customer data, we maintain separate infrastructure and networks for clients of our Teams, Business, and Enterprise products and we have found no evidence that those systems or customer data were accessed. Our Advertising and Talent businesses were also not impacted by this intrusion."
Late last year, another popular question and answer website Quora suffered a massive data breach with hackers gaining access to sensitive information of about 100 million of its users, including their names, email addresses, hashed password, and personal messages.
3 comments
Write commentsbreach the security This particular is usually apparently essential and moreover outstanding truth along with for sure fair-minded and moreover admittedly useful My business is looking to find in advance designed for this specific useful stuffs…
Replybreach the security Thank you because you have been willing to share information with us. we will always appreciate all you have done here because I know you are very concerned with our.
ReplyRECOVER YOUR FUNDS FROM FAKE INVESTMENT COMPANY, FAKE BINARY OPTION ETC.
ReplyHave you been ripped by scammers online, have you invested your funds in the wrong investment companies? You do not need to worry any more as we provide you with an answer which is GETTING BACK WHAT YOU HAVE LOST. We at CRYPTOREFUNDER360(AT)GMAIL(DOT)COM provide Btc recovery services. It does not matter how mush you have been ripped off or when it happened, provided we have the right and necessary informations, then we can assure you of a quick and safe recovery. We have testimonies flowing daily on lost funds being recovered safely. You may not be in need of this but tell a friend who is. You can contact us by mail @ Cryptorefunder360(at)gmail(dot)com or message us on WhatsApp +13349559030.
Share your view.. EmoticonEmoticon