Madrid (EFE).- News aggregator Menéame suffered a cyberattack in which users’ emails and encrypted passwords were stolen. Although the intrusion was stopped “immediately”, the leak could not be prevented, the company reports today on its blog.
The website states that, given the activity rate of active users, it considers that “this does not affect more than approximately 17% of users who continue to keep this email and password” and adds that it has over 660,000 registered users, but “there are a lot of inactive bots and emails”.
Intruders “apparently only gained access to the emails and encrypted password of 41.5%” of early adopters, the blog says.
The intrusion allegedly happened on September 14, when they detected “strange activity” which they identified as an attempted attack, but “apparently there was no access to the data”.
However, according to the blog, they received indications last Monday from a forum “where it was said to sell the Menéame database”, which the aggregator denies and claims to have only part of the table of users.
The attackers would not have had direct access to the database, but rather indirectly, indicates the blog, which adds that the team warned the company which manages the security of the data “to see how to act in these cases” .
The aggregator remembers that passwords are encrypted, so someone who has the database can’t get into user accounts directly.
However, he suggests that users who have an “insecure” password take the opportunity to change it, whereas if it is secure “it’s not a problem”, although it can still be changed.
Web edition: Marina González