Stack Overflow Backtracks: Some User Data May Have Been Compromised

Following the hacking of their system, Stack Overflow backtracks from their earlier statement that no user data were compromised.Stack Overflow's production system was hacked between May 5th and May 11th. Image from Marco Verch | Flickr | CC BY 2.0

When a popular website where coders, programmers, and developers hang out in a professional and networking set-up is hacked, you’ll know that the cybersecurity problem is very real and alarming. Today, Stack Overflow, one of the largest question and answer website for programmers and developers, have disclosed that their system experienced a cyber attack and an unknown hacker(s) managed to gain unauthorized access to its production system on May 11, 2019.

The company initially said that the unknown intruders accessed no customer data, but they eventually backtracked saying that the intruder(s) may have sent requests that could return with some of the sensitive data of a small number of their users.

Founded in 2008, is the largest, most trusted online community for anyone that codes to learn, share their knowledge, and build their careers. The site has an estimated unique visitor count of 50 million each month, and they come to the website to solve coding problems, network with other programmers and developers, and find new job opportunities in the tech world.

When Stack Overflow announced that their system was compromised a few days ago, the community was shocked and was quick to ask for the extent of the breach. Initially, Stack Overflow said that there is “no evidence” that users’ data were accessed or breached and that the hacking was only contained in the site’s production system.

In a short note published by Mary Ferguson, Vice President of Engineering at Stack Overflow, the company confirmed the security breach but said that they don’t have any evidence pointing to the concern that the hackers accessed users’ data.

“Over the weekend, there was an attack on Stack Overflow. We have confirmed that some level of production access was gained on May 11. We discovered and investigated the extent of the access and are addressing all known vulnerabilities. We have not identified any breach of customer or user data,” Ferguson wrote in a blog post.

She also assured that their users’ security is important to them, and they are working hard to investigate the problem and promised to update them of any new information that comes out after their investigation.

“Our customers’ and users’ security is of the utmost importance to us. After we conclude our investigation cycle, we will provide more information,” Ferguson added.

An updated version of the investigation update posted by Ferguson in the site’s blog confirms that a bug in their system allowed an unauthorized person to gain access to their servers and said that the intrusion started from May 5 until May 11 when they discovered the unauthorized access.

“Between May 5 and May 11, the intruder contained their activities to exploration. On May 11, the intruder made a change to our system to grant themselves privileged access on production. This change was quickly identified, and we revoked their access network-wide, began investigating the intrusion, and began taking steps to remediate the intrusion,” Ferguson wrote.

In the new blog post, Ferguson confirmed her initial statement that no customer data was accessed. She said that the company maintained different servers for where they store customer data and what was obtained by the intruder. She also added that the data breach did not impact their Advertising and Talent businesses.

However, she also admits that while their general system was not compromised, they were able to “identified privileged web requests that the attacker made that could have returned IP addresses, names, or emails for a minimal number of Stack Exchange users.” The team is now reviewing their logs and assured users that they would be notified as soon as they were determined to be part of the affected users.

Moreover, Ferguson assured that the company is already taking precautionary measures such as cycling secrets, resetting company passwords, and evaluating systems and security levels. They also enlisted third-party forensic investigators to determine who is behind the data breach.

“[We are]engaging third-party forensics and incident response firm to assist us with both remediation and learnings,” Ferguson added.

Last year, another popular question and answer website similar to Stack Overflow, Quora suffered a massive data breach with hackers gaining access to sensitive information of about 100 million of its users including their names, IP address, emails, passwords, and personal messages.

Be the first to comment on "Stack Overflow Backtracks: Some User Data May Have Been Compromised"

Leave a comment

Your email address will not be published.