Stack Overflow has just announced that it has been the victim of a hacking attack that has given the threat actors access to the production systems of this platform, report experts from the IICS cybersecurity course. For now, only one security message has been posted on the website about “certain access to production” that occurred a few days ago.
Although it is still unclear how hackers were able to access Stack Overflow networks, developers have decided to launch updates for all possible vulnerabilities that attackers might have exploited.
According to the experts, the incident was detected by the Stack Overflow developers; after an internal investigation, the platform concluded that users’ data has not been compromised: “further information will be disclosed at the conclusion of our investigation; the most important thing for us is the security of our customers’ information”, mentions a platform statement.
“Although our databases have not been affected, we identified some privileged web requests made by attack operators thanks to those who could have obtained IP addresses, email addresses or names of a limited number of users. We will keep performing security monitoring on our systems until danger stops”, mentions the security alert.
Experts from the cybersecurity course claim that the incident occurred on May 5 due to a platform error that allowed attackers to log into development level, as well as increase access in the production version of stackoverflow.com.
Stack Overflow began its online activities in 2008, operating as a question and answer website on programming-related topics; for 2019, the platform already had more than 10 million users, according to experts from the cybersecurity course.
According to experts from the International Institute of Cyber Security (IICS), Stack Overflow is a trusted source in issues related to the software developer community, as more than 50 million of queries are made monthly.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.