News

UserVoice reports theft of sha1 password hashes after hack

By admin
Spread the love

UserVoice reports to have been the victim of a hack in April in which user data was stolen. The service claims it affects a small portion of its users, but used the weak sha1 for password hashes.

Employees discovered the hack of the backend reporting systems at the end of April and an investigation revealed that usernames, email addresses, password hashes and salts were stolen. According to UserVoice, 0.001 percent of all users are affected. It is not known how many users the service has. The company claims to have more than 100,000 companies as customers.

As a precaution, the service requires all users to set a new password. After that reset, UserVoice bases hashes on bcrypt to improve security and UserVoice also sets stricter password requirements. Finally, the tokens of victims have been reset and those account holders have been approached personally.

UserVoice is a software-as-a-service company specializing in product and customer management services such as feedback forums, help desk tools, and support ticket systems. The company was founded in 2008 and Stack Overflow, among others, used it at that time.

You might also like
News

Google is serious about ending passwords: ‘passkeys’ are becoming the…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Zeeland power grid is full, grid operator stops new requests from major consumers

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones