In a blog post, Opera confirmed the attack and mentioned that the company was able to quickly block it to avoid further damage.
Advertisement
When questioned on the specifics about the encryption used for the stored passwords, an Opera spokesperson attempted to deflect (security by obscurity), forgetting that the process has been disclosed previously. While the full extent of the breach isn’t yet known, Opera fears that passwords saved in the browser’s manager may have been exposed.
The Norway-based internet browser maker said in a blog post that it “quickly blocked” an attack on its systems earlier this week, but admitted that some data was compromised, including “some of our sync users’ passwords and account information”, such as login names. One of the company officials from Opera stated that the company only stores encrypted or hashed and salted passwords in the system. Last time, the hackers eyed Sony and now, this time, it is Opera. “In an abundance of caution, we have also encouraged users to reset any passwords to third party sites they may have synchronised with the service”.
Along with the password rest, Opera has also sent emails to Opera Sync users, asking them to change any third-party passwords which were synchronized with the Sync service which has approximately 1.7 million active monthly users.
Advertisement
Password reuse is a rampant problem, so anyone who reused the same Dropbox password on other sites were also advised to change those passwords. So this data only indicates that the possible damage due to this breach may be very less indeed. However, with a user base of 350 million this means that upwards of 1.7 million people could be affected. The company stated that it takes all the info of each and every user seriously, and this issue will definitely be taken care of.
