Hackers breach StackOverflow but steal no user data

The Q&A site confirmed a security incident over the weekend but says no customer data was taken

Image of the homepage for StackOverflow

One of the most popular question and answer (Q&A) sites for developers sustained a breach over the weekend, with attackers gaining access to production systems.

Executives with StackOverflow confirmed an attack on their systems last Saturday, 11 May, but added the unknown malicious actors did not take any customer or user data.

Advertisement - Article continues below

"Over the weekend, there was an attack on Stack Overflow," said the platform's vice president of engineering Mary Ferguson. "We have confirmed that some level of production access was gained on May 11."

The platform is among the most widely-accessed by computer programmers and developers. StackOverflow says more than 50 million users visit the site each month to pose development questions or provide answers themselves.

It's also used by rookie developers as a means to familiarise themselves with coding principles and practices, although some have criticised the platform for recently growing intolerant of new programmers.

"We discovered and investigated the extent of the access and are addressing all known vulnerabilities," Ferguson continued.

"We have not identified any breach of customer or user data. Our customers' and users' security is of the utmost importance to us. After we conclude our investigation cycle, we will provide more information."

The company has provided little information about the incident, including a timeline, and no technical analysis of how the breach occurred.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The platform is so integral to the wider programming community that one Twitter user even quipped: "I can bet the hacker used StackOverflow to help him code the hack!!"

IT Pro approached StackOverflow with a series of further questions around the hack but did not get a response at the time of publication.

Six months ago another popular Q&A site, Quora, suffered a security breach in which 100 million users' information was exposed. A "malicious third party" had gained unauthorised to the site, the company confirmed, and made away with users' email addresses, passwords, names and any other information tied to social media accounts linked with Quora accounts.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355781/microsoft-confirms-further-issues-with-troublesome
Microsoft Windows

Microsoft's latest Windows 10 update is causing yet more issues

26 May 2020
Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020