People who weren’t happy about Elon Musk taking over Twitter have run to Hive which saw massive amounts of growth recently. But Hive is now offline after a stunningly huge data breach:
A report published earlier this week alleges that Hive had a massive—and I do mean massive—problem on its hands. According to the German security collective Zerforschung, Hive had grievous software vulnerabilities that exposed pretty much all of its users’ personal data to the internet. A cybercriminal aware of the bugs would have been able to steal Hive users’ kit and caboodle—everything from private messages to registered account information. Researchers claim the bugs were so serious that they refrained from sharing technical details about them—fearing that hackers would exploit them.
According to Zerforschung’s blog:
“The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages. This also includes private email addresses and phone numbers entered during login. Attackers can also overwrite data such as posts owned by other users…”
Zerforschung researchers say they reached out to Hive last Saturday about the security vulnerabilities but that the company failed to fix a majority of the issues in the report. After a couple of days, researchers decided to publish their findings, labeling their blog “Warning: do not use Hive Social.” It was only after the research went live that Hive publicly acknowledged the security issues and subsequently took its service offline.
On Thursday, Hive put out a statement, ironically posting it to the platform’s Twitter account. It reads: “The Hive team has become aware of security issues that affect the stability of our application and the safety of our users. Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience.” In an additional post, Hive optimistically quipped: “Our server is temporarily shut down. You’ll be able to sign up once we’re back online!”
Whatever is going on, it must be pretty bad to take the entire site down. As I type this, it appears that Hive might be slowly coming back online. Though a check of their Twitter account indicates that it isn’t online. But when they do pop up, I hope that they have their security situation sorted out because you can bet that everyone and their dog will be looking for holes because of this incident.
Like this:
Like Loading...
Related
This entry was posted on December 3, 2022 at 10:16 am and is filed under Commentary with tags Hive. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Twitter Alternative Hive Goes Offline After HUGE Data Breach
People who weren’t happy about Elon Musk taking over Twitter have run to Hive which saw massive amounts of growth recently. But Hive is now offline after a stunningly huge data breach:
A report published earlier this week alleges that Hive had a massive—and I do mean massive—problem on its hands. According to the German security collective Zerforschung, Hive had grievous software vulnerabilities that exposed pretty much all of its users’ personal data to the internet. A cybercriminal aware of the bugs would have been able to steal Hive users’ kit and caboodle—everything from private messages to registered account information. Researchers claim the bugs were so serious that they refrained from sharing technical details about them—fearing that hackers would exploit them.
According to Zerforschung’s blog:
“The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages. This also includes private email addresses and phone numbers entered during login. Attackers can also overwrite data such as posts owned by other users…”
Zerforschung researchers say they reached out to Hive last Saturday about the security vulnerabilities but that the company failed to fix a majority of the issues in the report. After a couple of days, researchers decided to publish their findings, labeling their blog “Warning: do not use Hive Social.” It was only after the research went live that Hive publicly acknowledged the security issues and subsequently took its service offline.
On Thursday, Hive put out a statement, ironically posting it to the platform’s Twitter account. It reads: “The Hive team has become aware of security issues that affect the stability of our application and the safety of our users. Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience.” In an additional post, Hive optimistically quipped: “Our server is temporarily shut down. You’ll be able to sign up once we’re back online!”
Whatever is going on, it must be pretty bad to take the entire site down. As I type this, it appears that Hive might be slowly coming back online. Though a check of their Twitter account indicates that it isn’t online. But when they do pop up, I hope that they have their security situation sorted out because you can bet that everyone and their dog will be looking for holes because of this incident.
Share this:
Like this:
Related
This entry was posted on December 3, 2022 at 10:16 am and is filed under Commentary with tags Hive. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.