Opera sync servers hacked, usernames and passwords at risk
Opera Software is advising all users of the sync feature of its Opera browser to change their passwords following a security breach. Details are a little scant at the moment, but the company says that servers were breached earlier in the week and user data may have been compromised.
Opera Sync is used to synchronize user data between different computers but it is apparently used by under "0.5% of the total Opera user base". However, with a user base of 350 million this means that upwards of 1.7 million people could be affected.
Coming shortly after advice from Dropbox to change passwords following a historic security breach, Opera's own hack is still under investigation. It goes without saying that while it is only Opera Sync data that may have been compromised, if you are in the habit of using the same passwords for multiple sites and services, now is the time to start changing them.
In a statement on the Opera Security blog, Tarquin Wilton-Jones says:
Earlier this week, we detected signs of an attack where access was gained to the Opera sync system. This attack was quickly blocked. Our investigations are ongoing, but we believe some data, including some of our sync users' passwords and account information, such as login names, may have been compromised.
Although we only store encrypted (for synchronized passwords) or hashed and salted (for authentication) passwords in this system, we have reset all the Opera sync account passwords as a precaution.
We have also sent emails to all Opera sync users to inform them about the incident and ask them to change the password for their Opera sync accounts. In an abundance of caution, we have encouraged users to also reset any passwords to third party sites they may have synchronized with the service.