Tumblr blames ‘human error’ for weekend security lapse

Tumblr LogoPopular blogging service Tumblr has cited “human error” as the cause behind a security glitch that may have revealed users’ passwords, API keys, IP addresses and other personal data.

The alarm was sounded Saturday morning via Twitter. “OMG…The Tumbeasts are spitting out passwords!,” the tweet read. The news quickly spread, with armchair hackers taking to forums to debate the extent and cause of the glitch. As it turns out, a PHP coding error was likely to blame for 748 lines of information being made visible.

Tumblr responded quickly to fix the problem and followed up with an official statement posted about five hours later. Here’s what Tumblr had to say for itself:

“A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result.

We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised. We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always. This was an embarrassing error, but something we were prepared for.

The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again.”

The explanation was likely enough to assuage the fears of Tumblr loyalists, but on the Hacker News forum a contingent was left unconvinced that the breech was merely “an embarrassing error.”

Some commentators went as far as to blame Tumblr for “criminal negligence.” Others were content to point a finger at the idiosyncrasies of the PHP programming language. A few defended Tumblr, saying that the breach wasn’t as severe as it was made out to be. Either way, Tumblr had dozens of sideline developers offering their debugging expertise pro bono.

In December, Tumblr was taken offline for almost a full day following an issue with its database cluster.


Emerging Tech

Microsoft’s friendly new A.I wants to figure out what you want — before you ask

Move over Siri and Alexa! Microsoft wants to build a new type of virtual assistant that wants to be your friend. Already making waves in Asia, could this be the future of A.I. BFFs?
Computing

Service restored after glitch locks out Microsoft Office 365 business users

Microsoft reported that a problem with its system caused some users to be locked out of their accounts. Because the multifactor authentication system went down globally, some Office 365 and Azure users were unable to log in.
Mobile

Tumblr for iOS vanishes from App Store, possibly due to inappropriate content

Tumblr for iOS is currently only allowing searches in Safe Mode, and it is not available on the App Store. The speculation is that the app's disappearance had something to do with inappropriate content.
Mobile

Instagram tool accidentally exposes user passwords. Were you affected?

Instagram's Download Your Data tool accidentally exposed the passwords of a small number of users. Here is the explanation on what happened, and how to find out which Instagram accounts were compromised.
Computing

All the best Apple MacBook deals for Black Friday 2018

Shoppers looking for a new Apple laptop could find huge savings on a new MacBook come Black Friday. Retailers are offering discounts as much as $650 on select MacBook, MacBook Air, and MacBook Pro models this holiday season.
Gaming

Playing ‘Battlefield V’ on an $800 Nvidia card is stunning. And disappointing

‘Battlefield V’ is the first game to use Nvidia’s ray tracing support, now available with the RTX 2080 and 2080 Ti graphics cards. The feature can, in an ideal scenario, make the game look better, but the performance hit may not be…
Smart Home

All the best Amazon Black Friday deals for 2018

Amazon may be an online-only retailer, but that doesn’t mean its Black Friday sales are anything to sniff at. In fact, due to its online status, Amazon has huge flexibility with the range of products and deals it can offer. Here's our…
Computing

Save a heap with these Black Friday 2018 graphics card deals

The Black Friday 2018 sales period is finally here and it's brought with it a tonne of great component deals. We've been scouring websites and catalogs for days to find you the best graphics cards deals for Black Friday 2018.
Computing

HP takes $100 off of leather-clad Spectre Folio 13 bundle for Black Friday

HP is offering a discount to Black Friday shoppers for a bundle that includes its leather-wrapped answer to Apple's MacBook Air. HP is offering a $100 discount on the Spectre Folio 13 when bundled with a mouse and leather sleeve.
Deals

The best Target Black Friday deals for 2018

The mega-retailer opens its doors to the most competitive shoppers at 6 p.m. on Thursday, November 22, and signs indicate that the retailer means business this year. We've sifted through all of the deals, from consumer electronics to small…
Computing

Still miss Windows 7? Here's how to make Windows 10 look more like it

There's no simple way of switching on a Windows 7 mode in Windows 10. Instead, you can install third-party software, manually tweak settings, and edit the registry. We provide instructions for using these tweaks and tools.
Deals

Cyber Monday 2018: When it takes place and where to find the best deals

Cyber Monday is still a ways off, but it's never too early to start planning ahead. With so many different deals to choose from during one of the biggest shopping holidays of the year, going in with a little know-how makes all the…
Computing

Ditch the passwords and buy Xbox games with just your face

Passwords are the past. The latest version of Windows 10 allows you to sign in with your Microsoft account on the web through Microsoft Edge using Windows Hello or a FIDO 2 Yubikey. 
Web

Canceling Amazon Prime is easy, and you might get a refund

Don't be intimidated. Learning how to cancel Amazon Prime is easier than you might think. You might even get a partial or full refund on the cost, depending on how much you've used it. Check out our quick-hit guide for doing so.