Skip to main content

Some Tumblr Users May Have Had Their Data Breached

By November 1, 2018June 2nd, 2022Cybersecurity

Do you use Tumblr?  If so, be aware that your personal information may have been exposed.

Tumblr recently added a feature called “Recommended Blogs” that presents you with a list of blogs you might enjoy based on your past viewing habits.  It’s a great idea in theory, but unfortunately, there were problems with the way the feature was implemented.

Any blog on the recommended list was placed there in such a way that it left the blog owner’s personal information exposed, including:

  • IP Address
  • Self-Reported location
  • Email Address
  • Password

Tumblr had this to say in an open letter published on their site:

“It’s our mission to provide a safe space for people to express themselves freely and form communities around things they love.  We feel that this bug could have affected that experience.  We want to be transparent with you about it.  In our view, it’s’ simply the right thing to do.

We found no evidence that this bug was abused and there is nothing to suggest that unprotected account information was accessed.”

Even if you’ve never seen your Tumblr blog on the recommended list, your best bet is to change your password immediately. As usual, if you use the same password for Tumblr that you use on any other web property, change that password too.

Now would be a great time to break yourself of the habit of using the same password across multiple websites.  Continuing that practice makes you a ticking bomb.  Sooner or later, it’s going to explode on you, with tragic consequences that could take years to fully recover from.

We applaud Tumblr’s handling of this issue.  At a time with other social media platforms are under fire for their handling of security flaws, Tumblr’s transparency is refreshing indeed.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.