Stack Overflow said hackers acquired private data for about 250 users after breaking the site and spending next week increasing their access.
"While our general user database is not compromised, we have determined the Web requests made by the attacker who may restore the IP address, names, or emails for a very small number of users Stack Exchange, "Mary Ferguson, Stack Overflow VP of Engineering, wrote in a blog post published on Friday. "Our team is currently reviewing these logs and providing appropriate notices to any affected users."
In an update, Ferguson said investigators now estimate the number of 250 public network users. Officials for the developer community site notify the affected. The company first disclosed a violation on Thursday in a four-post post that said "some degree of access to production was obtained on May 1
On Friday's update, Ferguson said the intrusion began on May 5, when an attack exploited a bug in a new build sent to stackoverflow.com's tier development. Access allows the attacker to log into the tier development and then add access to a site production version.The attacker has been removed from the network. [19659003"SapagitanngMayo5atMayo11angnanghihimasokaynaglalamanngkanilangmgagawainsapagsaliksik"isinulatniFerguson"NoongMayo11nagbagoangnanghihimasoksaamingsistemaupangbigyanangkanilangsarilingisangpribilehiyosapag-accesssaproduksyonbinawiangnetworkngkanilangpag-accessnagsimulangmagsiyasatsapanghihimasokatnagsimulanggumawangmgahakbangupangmaipagpatuloyangpanghihimasok"
In order to minimize the damage of hackers able Stack Overflow separate systems for site Clients, Business, and Enterprise customers. At present, investigators have not found evidence that these systems or the customer data belonging to them are accessible. The company's advertising and talented business was also unaffected, the VP said. Stack Overflow has approximately 10 million registered users.
Stack Overflow is currently in the process of auditing all logs and databases in attempts to monitor the steps of the fighter. It also fixed the original vulnerabilities that allowed interference and multiplication to occur. The company has maintained a third-party forensics and incident response firm to assist both remediation and evaluation of systems and security levels. Ferguson said Stack Overflow would provide additional information as soon as the investigation was completed.