See also 10 dangerous app vulnerabilities to watch out for (free PDF) The hacker who breached Stack Overflow last week managed to access data on user accounts, the company said today in an update on its investigation into a security breach it disclosed last night. The update comes to shed some light into what happened on the company’s servers last week, after Stack Overflow left many users scratching their heads when it posted a very short message on Thursday, announcing a severe breach of its production systems. While it initially said that there was no evidence of the hacker accessing user data, the company changed its statement today. “While our overall user database was not compromised, we have identified privileged web requests that the attacker made that could have returned IP address, names, or emails for a very small number of Stack Exchange users,” said Mary Ferguson, VP of Engineering at Stack Overflow. The exec said the company is now reviewing log files to determine which users were impacted by the hacker’s scans. Users found to have had their info viewed or collected by the hacker, will receive a notification, she said. Hacker was undetected for days Further, Ferguson also added a correction to the breach’s timeline, which started a week before Stack Overflow thought it did. “The intrusion originated on May 5 when a build deployed to the development tier for stackoverflow.com contained a bug, which allowed an attacker to log in to our development tier as well as… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.