• 2022-10-06

Stack overflow hacker was not found for a week

Jan 20, 2022

Last week, the company’s latest survey disclosed yesterday for its security vulnerabilities in the survey said that hackers last week in violation of Stack Overflow successful visit to the data user accounts. After Thursday posted a very short message announcing a serious violation of their production systems, Stack Overflow many users scratching their heads, this update reveals what happened last week the company’s server. Although it initially said there was no evidence the hackers access to user data, but the company changed the statement today.

u0026 Ldquo; While our overall user database is not compromised, but we have identified a privilege Web request attacker raised these requests may be a handful of Stack Exchange user returns the IP address, name or e-mail, u0026 rdquo; vice president of engineering Mary Ferguson represent. Stack overflow.

The executive said the company is reviewing the log files to determine which users are affected by hackers scan. She said, found a hacker to view or collect information about users will be notified.

Hackers days undetected

In addition, Ferguson also illegal timetable was amended in the schedule does Stack Overflow think so before the start of a week.

u0026 Ldquo; intrusion originated in the May 5, when deployed to build the development stackoverflow.com layer contains an error, allowing the attacker to log on to our development layer, and upgrade their access to stackoverflow.com production version, u0026 rdquo; Ferguson Say.

u0026 Ldquo; between May 5 to May 11 date, the intruder will contain their activities in the exploration, u0026 rdquo; Stack Overflow executives said, highlighting the company found no reason invasion.

u0026 Ldquo; May 11, the invaders of our system has been changed to grant them privileged access to the production. This change was quickly confirmed, we withdrew them access to the entire network, began investigating the invasion, and began to take steps to repair invasion. u0026 ldquo;

Stack Overflow said it terminated the hacker access to its network, is now working with a company forensic audit log and track their behavior intruders on their server.

The company said the investigation is still in progress, then there will be more updates.

In the e-mail received after publication of the article, Stack Overflow spokesman told ZDNet, the number of users affected is about 250.