Tumblr Apologizes For Huge Security Glitch That Revealed Passwords

Tumblr apologized on Tuesday for a major security glitch that exposed blogger passwords and email addresses.

In a post on the official staff Tumblr, Derek Gottfrid, announced a huge security issue with Tumblr's apps for the iPhone and iPad. First discovered by a reader of the British news outlet The Register, the security flaw allows users' passwords to be easily stolen because the apps were not logging users in with a secure server (SSL).

Gottfrid, the company's VP of Product, writes that Tumblr is "tremendously sorry for this lapse and inconvenience."

Tumblr's support team did not fix the glitch when the reader first reported it to them, so the unnamed source brought the issue to the Register's attention, the Register reports.

In the blog post, Gottfrid says that anyone using the official Tumblr app on iOS should download the app update that Tumblr has created to solve the problem. He also writes that app users should change their Tumblr password and any other place they have been using that same password.



Tumblr Tips: 16 Things You Need To Know