All posting activity is halted as the team at Buffer tries to find a fix.

buffer web mobile Social sharing service Buffer gets hacked

Buffer, the service that lets you schedule posts for various social networks, has been hacked. The issue was first noticed when users began seeing spammy posts that were sent through Buffer. Then the team at Buffer confirmed that its services were hacked, and that all auto posting has been disabled.

Buffer has over 1 million registered users, and has mentioned in a post on its blog that it is working hard to restore services to users. A majority of users who had auto posting selected on Buffer were found to be sharing messages on how to lose weight.

shot 2013 10 26 at 2 55 37 pm Social sharing service Buffer gets hacked

It is unclear as of yet as to how the service was hacked, but Buffer has revoked its access tokens for all networks, and users have to re-authorize the service to start using it again. Buffer uses oAuth to access users’ social accounts, so users in all likelihood need not worry about changing their passwords on social networks that were granted access to Buffer.

Here is the email Buffer sent out to its users in its entirety:

Hi there,

I wanted to get in touch to apologize for the awful experience we’ve caused many of you on your weekend. Buffer was hacked around 1 hour ago, and many of you may have experienced spam posts sent from you via Buffer. I can only understand how angry and disappointed you must be right now.

Not everyone who has signed up for Buffer has been affected, but you may want to check on your accounts. We’re working hard to fix this problem right now and we’re expecting to have everything back to normal shortly.

We’re posting continual updates on the Buffer Facebook page and the Buffer Twitter page to keep you in the loop on everything.

The best steps for you to take right now and important information for you:

  • Remove posts from your Facebook page or Twitter page that look like spam
  • Keep an eye on Buffer’s Twitter page and Facebook page
  • Your Buffer passwords are not affected
  • No billing or payment information was affected or exposed
  • All Facebook posts sent via Buffer have been temporarily hidden and will reappear once we’ve resolved this situation

I am incredibly sorry this has happened and affected you and your company. We’re working around the clock right now to get this resolved and we’ll continue to post updates on Facebook and Twitter.

If you have any questions at all, please respond to this email. Understandably, a lot of people have emailed us, so we might take a short while to get back to everyone, but we will respond to every single email.

– Joel and the Buffer team

Source: Buffer