Social Sharing App Buffer Hacked, Temporarily Halts Service
The attack was first noticed when an undetermined number of users began posting spammy weight-loss links to their Facebook and Twitter pages. That included highly visible members of the tech community like investor Fred Wilson, as well as brands Startup Genome, Turnstone and Brussels Airlines.
“We greatly apologize for this big mess we’ve created. Buffer has been hacked,” co-founder Leo Widrich said in a Facebook post on Saturday morning.
Widrich told Buffer customers that, in order to avoid automatically posting content from their accounts, users should either change their Facebook passwords or revoke Buffer’s social sharing permissions, and then delete the spam posts from their Facebook timelines.
Buffer is hardly the only app which has had spam-related problems of late. Just recently, Instagram saw a viral wave of weight-loss-related spam spread quickly across its service, though it was not the result of a hack.
Buffer has not provided details on the extent of the hack, but has temporarily disabled its app’s Facebook functionality.
Update 2:14 pm PT: Widrich and his staff sent out emails to users on Saturday afternoon, and also posted a few more details to the company blog. Among the additional information, Widrich said that no user passwords have been affected, nor has any “billing or payment information been affected or exposed.”
“I am incredibly sorry this has happened and affected you and your company. We’re working around the clock right now to get this resolved and we’ll continue to post updates on Facebook and Twitter,” Widrich wrote.