Tumblr blames ‘human error’ for weekend security lapse

Tumblr LogoPopular blogging service Tumblr has cited “human error” as the cause behind a security glitch that may have revealed users’ passwords, API keys, IP addresses and other personal data.

The alarm was sounded Saturday morning via Twitter. “OMG…The Tumbeasts are spitting out passwords!,” the tweet read. The news quickly spread, with armchair hackers taking to forums to debate the extent and cause of the glitch. As it turns out, a PHP coding error was likely to blame for 748 lines of information being made visible.

Tumblr responded quickly to fix the problem and followed up with an official statement posted about five hours later. Here’s what Tumblr had to say for itself:

“A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result.

We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised. We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always. This was an embarrassing error, but something we were prepared for.

The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again.”

The explanation was likely enough to assuage the fears of Tumblr loyalists, but on the Hacker News forum a contingent was left unconvinced that the breech was merely “an embarrassing error.”

Some commentators went as far as to blame Tumblr for “criminal negligence.” Others were content to point a finger at the idiosyncrasies of the PHP programming language. A few defended Tumblr, saying that the breach wasn’t as severe as it was made out to be. Either way, Tumblr had dozens of sideline developers offering their debugging expertise pro bono.

In December, Tumblr was taken offline for almost a full day following an issue with its database cluster.


Emerging Tech

Inside the Ocean Cleanup’s ambitious plan to rid the ocean of plastic waste

In 2013, Boyan Slat crowdfunded $2.2 million to fund the Ocean Cleanup, a nonprofit organization that builds big, floating trash collectors and sets them out to sea, where they’re designed to autonomously gobble up garbage.
Movies & TV

The best shows on Netflix right now (April 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Emerging Tech

How emotion-tracking A.I. will change computing as we know it

Affectiva is just one of the startups working to create emotion-tracking A.I. that can work out how you're feeling. Here's why this could change the face of computing as we know it.
Social Media

Facebook says it unintentionally uploaded email contacts of 1.5 million users

Facebook says that over the last two years it unintentionally uploaded the email contacts of 1.5 million users as they signed up to the social networking service. The process has ended and the email addresses are being deleted.
Computing

From simple work tools to high-end gaming peripherals, these are the best mice

If you're looking to buy the best mouse for you, whether it's for gaming or work, we have something for you. We've put together a list of our favorite mice, all of which have great features and sell at a great price.
Computing

Amazon drops deals on Razer, Netgear, and Western Digital PC accessories

Grab these deals while you can: As part of their Deal of the Day promotion, Amazon is offering deep discounts on a wide variety of PC accessories including premium gaming mice, external hard drives, and even Wi-Fi routers.
Computing

Tired of choosing between Windows and Mac? Check out these Chromebooks instead

We've compiled a list of the best Chromebooks -- laptops that combine great battery life, comfortable keyboards, and the performance it takes to run Google's lightweight Chrome OS. From Samsung to Acer, these are the Chromebooks that really…
Apple

WWDC 2019 Complete Coverage

Apple’s Worldwide Developer Conference is a key tech event each year, and for Apple fans, it will be one of the two best times of 2019 (along with "new iPhone day," of course). For the last few years, Apple has debuted much of its…
Computing

AMD's upcoming Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.
Mobile

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.
Computing

Working hard or hardly working? Do it right with these versatile PC desks

Looking for a new piece of furniture that will fit in your office, dorm, or gaming cave? Here are some of our favorite computer desks on the market, whether you're a serious gamer looking for an upgrade, or just moved into a new space.
Computing

Time to upgrade your storage? Here are the best SSDs you can buy right now

Solid state drives provide superior speed and more affordable than ever. Interested in buying one? We've found the top drives that range from $100 to $1,000 in price, so you can get the most bang for your buck.
Computing

Boost your PCs power by learning how to overclock your CPU

Is your PC just chugging along, a little slower than you'd like? Sometimes you just need a little more power under the hood. Before you pick up some new hardware, learn how to overclock your CPU.
Apple

Leaked memo: If your MacBook keyboard dies, Apple will fix or replace in one day

If your Apple MacBook keyboard is problematic, getting it fixed at a Genius Bar just got a lot easier. Apple has now mandated that its Geniuses repair or replace MacBook keyboards by the next working day.