Just Updated

Buffer encrypts access tokens after spammer hack


IDG Information Provider – Buffer, a Provider for scheduling social media posts, stated Sunday it has strengthened its security after spammers gained get right of entry to to its network.

On Saturday, Buffer halted all social media postings after a raft of junk mail coming from Buffer debts hit Facebook and Twitter. Later that day, Carrier was restored, but Buffer instructed customers to get admission to their bills from its main URL fairly than from its mobile purposes.

Buffer, based in San Francisco, mentioned Sunday it is encrypting OAuth access tokens, which permit users to grant every other utility access to a Service with out revealing their password. Buffer also added a brand new safety parameter to its API (functions programming interface) calls.

“We Now Have a great deal increased security of how we are posting to Twitter and Fb and have faith to duvet the security holes the hackers have used to break into our machine,” wrote Joel Gascoigne, Buffer’s founder.

Facebook stated 30,000 Buffer users who had accounts on its Carrier had spam considerations, which is ready 6.Three% of the 476,343 Fb accounts which might be related to Buffer, Gascoigne wrote. Buffer users will want to reconnect their Twitter bills but now not their Facebook ones. Posts that were scheduled to be published on Facebook all the way through the outage will need to be resent.

Gascoigne wrote he expects Buffer to publish a extra distinct replace on the hack later.

“We’re working with several safety specialists on tracking down exactly the way it used to be that you can imagine for the spammers to get into our system,” he wrote. “We’re making good development on this, this morning.”

Send News tips and feedback to jeremy_kirk@idg.com. Observe me on Twitter: @jeremy_kirk




Leave a comment

Your email address will not be published.