Tumblr, the David Karp-founded, Yahoo-owned website, has fixed a security flaw it found on its iOS app. Very little information was given about the bug, but the firm suggested users change their passwords immediately.
This was posted yesterday on the staff blog.
Important security update for iPhone/iPad users
We have just released a very important security update for our iPhone and iPad apps addressing an issue that allowed passwords to be compromised in certain circumstances¹. Please download the update now.
If you’ve been using these apps, you should also update your password on Tumblr and anywhere else you may have been using the same password. It’s also good practice to use different passwords across different services by using an app like 1Password or LastPass.
Please know that we take your security very seriously and are tremendously sorry for this lapse and inconvenience.
¹ “Sniffed” in transit on certain versions of the app
Yesterday was the first anniversary of Marissa Mayer‘s first day in charge of Yahoo, and the news will hardly be welcome. Yesterday was also the day the firm held its Q2 earnings call–which it did on live video. (The results were mixed: an increase in earnings, but revenue was flat.)
But what is, perhaps, more worrying for Sunnyvale is how Yahoo’s advertising rate is decreasing–down 12% in the three months between April and June of this year. Reuters points out that marketeers are preferring to use automated exchanges for online ad sales, as it is cheaper than buying premium sites through the web publisher’s salesforce. It’s the algorithm, stupid.
Yahoo later released a statement to The Next Web, in which it said, ” We obviously take these incidents very seriously and deeply regret this error.” Earlier this year, the firm grappled with an ongoing security flaw in Yahoo mail.