Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Stack Overflow Shares Technical Details on 2019 Hack

Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems.

Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems.

The security breach was disclosed by Stack Overflow in mid-May 2019, and a few days later it admitted that the incident resulted in the details of some users being exposed.

Stack Overflow has now published a detailed timeline of the attack, which appears to have started on April 30, 2019, and was discovered nearly two weeks later, on May 12, after a suspicious user account that had escalated privileges was noticed by the community.

The company said the attacker had managed to gain access to the personal information of 184 users — it initially said 250 users were impacted — including names, email addresses and IP addresses. There was no indication that the hacker’s goal was to obtain user information.

However, more importantly, the attacker gained access to source code, which they managed to exfiltrate. The attacker apparently started from a low-privileged account and gradually worked their way up to the point where they could steal Stack Overflow source code.

“Thankfully, none of the databases—neither public (read: Stack Exchange content) nor private (Teams, Talent, or Enterprise)—were exfiltrated. Additionally, there has been no evidence of any direct access to our internal network infrastructure, and at no time did the attacker ever have access to data in Teams, Talent, or Enterprise products,” Stack Overflow said in its blog post.

Advertisement. Scroll to continue reading.

The attacker regularly viewed questions posted on Stack Overflow to obtain information, which allowed the company to anticipate and understand the attacker’s methodology during its investigation.

Stack Overflow details hack

Stack Overflow says it cannot share any information about the attacker due to ongoing investigations, but the company’s description of the attack suggests that the hacker was skilled and determined.

In addition to a detailed description of the attacker’s actions, Stack Overflow’s blog post also provides information on the remediation steps taken by the company in response to the attack, as well as advice for other organizations to help them prevent these types of incidents.

Related: Source Code From Major Firms Leaked via Unprotected DevOps Infrastructure

Related: Source Code of Windows XP, Server 2003 Allegedly Leaked

Related: Code Stolen After Developer Installed Trojanized App

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Sherrod DeGrippo has been appointed Head of Threat Intelligence for Palo Alto Networks Unit 42.

Christopher Porter has joined Booz Allen Hamilton as Global Chief Information Security Officer.

Yael Ben Arie has joined exposure validation company Pentera as Chief Product Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.