Stack Overflow mentioned hackers acquired personal knowledge for roughly 250 customers after breaching the website online and spending the following week escalating their get right of entry to.
“Whilst our general person database was once now not compromised, we have now known privileged Internet requests that the attacker made that may have returned IP deal with, names, or emails for an overly small selection of Stack Change customers,” Mary Ferguson, Stack Overflow VP of Engineering, wrote in a blog post printed Friday. “Our group is these days reviewing those logs and shall be offering suitable notifications to any customers who’re impacted.”
In an replace, Ferguson mentioned investigators now estimate the quantity at 250 public community customers. Officers for the developer group website online will notify the ones affected. The corporate first disclosed the breach on Thursday in a four-sentence publish that mentioned “some stage of manufacturing get right of entry to was once won on Might 11.”
In Friday’s replace, Ferguson mentioned the intrusion began on Might five, when an attacker exploited a computer virus in a brand new construct deployed to the improvement tier of stackoverflow.com. The get right of entry to allowed the attacker to log into the improvement tier after which escalate get right of entry to to a manufacturing model of the website online. The attacker has since been got rid of from the community.
“Between Might five and Might 11, the intruder contained their actions to exploration,” Ferguson wrote. “On Might 11, the intruder made a transformation to our device to grant themselves a privileged get right of entry to on manufacturing. This alteration was once temporarily known and we revoked their get right of entry to network-wide, started investigating the intrusion, and started taking steps to remediate the intrusion.”
To attenuate the wear and tear hackers can do, Stack Overflow maintains separate methods for the website online’s Groups, Trade, and Endeavor shoppers. Up to now, investigators have discovered no proof that those methods or the buyer knowledge belonging to them had been get right of entry to. The corporate’s promoting and gifted industry had been additionally now not affected, the VP mentioned. Stack Overflow has about 10 million registered customers.
Stack Overflow is now within the strategy of auditing all logs and databases in an try to hint the intruder’s steps. It has additionally mounted the unique weaknesses that allowed the intrusion and escalation to occur. The corporate has retained a third-party forensics and incident reaction company to lend a hand in each remediation and analysis of methods and safety ranges. Ferguson mentioned Stack Overflow will supply additional information as soon as the investigation concludes.