Unauthorized access gained last weekend; no sign that breach affected customer data

UPDATE (20/05; 07:47 UTC) A Stack Overflow spokesperson said that on May 11, an intruder made a change to the system to grant themselves privileged access on production that could have returned IP address, names, or emails for a select number of users. “I can now confirm that our investigation suggests the requests in question affected approximately 250 public network users,” the spokesperson said.


Stack Overflow, the popular question-and-answer site for developers, has reported a security incident that saw attackers gain access to its production systems last weekend.

In a terse security update issued yesterday, Mary Ferguson, vice president of engineering, said: “Over the weekend, there was an attack on Stack Overflow.

“We have confirmed that some level of production access was gained on May 11. We discovered and investigated the extent of the access and are addressing all known vulnerabilities.”

According to Ferguson, the company’s investigation into the incident has not thrown up any evidence that customer or user data has been compromised.

“Our customers’ and users’ security is of the utmost importance to us,” Ferguson said. “After we conclude our investigation cycle, we will provide more information.”