Skype has tackled a password reset flaw which could be exploited to hijack the video chat service's accounts.
The vulnerability was discussed on a Russian blog about three months ago, but was only tackled after details were shared on news discussion site Reddit.
The issue could have exposed answerphone messages, old text message conversations and user details including date of birth.
Skype said it had now resolved the issue.
"Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website," said engineer Leonas Sendrauskas.
"This issue affected some users where multiple Skype accounts were registered to the same email address.
"We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly.
"We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience."
No comments:
Post a Comment