Stack Overflow said hackers obtained private data for approximately 250 users after breaching the site and spending the next week escalating their access.
“While our overall user database was not compromised, we’ve identified privileged Web requests that the attacker made that could have returned IP address, names, or emails for a very small number of Stack Exchange users,” Mary Ferguson, Stack Overflow VP of Engineering, wrote in a blog post published Friday. “Our team is currently reviewing these logs and will be providing appropriate notifications to any users who are impacted.”
In an update, Ferguson said investigators now estimate the number at 250 public network users. Officials for the developer community site will notify those affected. The company first disclosed the breach on Thursday in a 4-sentence post that said “some level of production access was gained on May 11.”
In Friday’s update, Ferguson said the intrusion started on May 5, when an attacker exploited a bug in a new build deployed to the development tier of stackoverflow.com. The access allowed the attacker to log into the development tier and then escalate access to a production version of the site. The attacker has since been removed from the network.
“Between May 5 and May 11, the intruder contained their activities to exploration,” Ferguson wrote. “On May 11, the intruder made a change to our system to grant themselves a privileged access on production. This change was quickly identified and we revoked their access network-wide, began investigating the intrusion, and began taking steps to remediate the intrusion.”
To minimize the damage hackers can do, Stack Overflow maintains separate systems for the site’s Teams, Business, and Enterprise customers. To date, investigators have found no evidence that these systems or the customer data belonging to them were accessed. The company’s advertising and talent businesses were also not affected, the VP said. Stack Overflow has about 10 million registered users.
Stack Overflow is now in the process of auditing all logs and databases in an attempt to trace the intruder’s steps. It has also fixed the specific weaknesses that allowed the intrusion and escalation to occur. The company has retained a third-party forensics and incident response firm to assist in both remediation and review of systems and security levels. Ferguson said Stack Overflow will provide more information once the investigation concludes.