Buffer security breach has been resolved – here is what you need to know: As of today, we’ve learnt some important, new information about how the hackers were able to get access to the Buffer database and steal the API tokens for Twitter and Facebook that were used to post spam on our users behalf.
The backdoor that was created through one of our partners, MongoHQ who are managing our database. MongoHQ, who have been incredibly responsible and responsive regarding this also just released an update about the security breach on their blog.
In short, the MongoHQ password of one of MongoHQ’s employees was stolen. That way the hackers logged into the main admin dashboard of MongoHQ and were able to use the “impersonate” feature to see all of Buffer’s database information. Through that, they wrote a script to steal our social access tokens and post spam messages on behalf of our users.