Tumblr has released an update to the iOS version of its app for iPhones and iPads that includes a "very important...
security update" to fix a flaw that allowed passwords to be compromised.
The move comes less than a week since the release of fresh versions of the app for Apple and Android devices.
No emergency update has been issued for the Android version of the app, indicating the flaw is confined to the iOS version.
In a blog post, the Yahoo-owned microblogging site urged users of its iOS app to download the update and change their passwords on the site as well as on other sites where the same password is used.
“It’s also good practice to use different passwords across different services by using an app like 1Password or LastPass,” the blog post said, without giving much detail about the flaw.
According to a footnote in the blog post, the flaw allowed passwords to be “sniffed” while in transit.
Read more about Yahoo
- Yahoo acquires smart email service Xobni
- Yahoo buys UK teenager’s app for £18m
- Yahoo CEO Marissa Mayer begins product overhaul
- Yahoo to update homepage to win back users
- Ross Levinsohn resigns from Yahoo
- Yahoo claims second Google executive as COO
- Much ado about Yahoo cutting the telecommuting cord
- Scott Thompson restructures Yahoo
- Yahoo CEO Scott Thompson quits
The microblogging site, which claims more than 300 million monthly unique visitors, was acquired by Yahoo last month for $1.1bn.
Analysts said the acquisition will give Yahoo a thriving social-networking and communications hub and access to younger users as the company battles to regain market share from Google and Facebook.
The deal is among several similar acquisitions under the new leadership of chief executive Marissa Mayer and her strategy to create a coherent mobile strategy to reverse years of declining key display advertising revenue.
However, the company has been hit by security issues in recent months, with Yahoo warning that the identity details of up to 22 million users may have been compromised when attackers hacked into its computer systems in May.