If you’ve been using Opera’s cloud sync service, your password and other sensitive data might have been hacked. Opera confirmed the mid-week server breach on Friday, saying “this attack was quickly blocked” but that “we believe some data, including some of our sync users’ passwords and account information, such as login names, may have been compromised.”See also: Opera unlimited free VPN now on Android
Opera has already reset all Opera sync account passwords as a precaution and sent emails to all Opera sync users informing them of the breach and advising they change their passwords as soon as possible. You can do that via the button below. Just to be safe, Opera is also encouraging users to change any other third-party site passwords that might sync with Opera’s service.
Even though the passwords that may have been intercepted are either encrypted synchronized passwords or hashed and salted authentication passwords, the fact that the hackers may have also accessed the account passwords and account details at the same time means that if there was ever any possibility of decrypting those passwords, this would be it.
As if to mitigate the severity of the issue, Opera noted in a blog post that in the last month, less than 0.5% of Opera’s total user base were using its sync service. But that’s still 1.7 million people. On the plus side, if you’re one of the 350 million Opera users that don’t use Opera sync, there’s nothing you need to do as your account details and passwords are unaffected by the hack.
Less than 0.5% of Opera's total user base, but still 1.7 million people, were using its sync service in the last month.
As we’ve seen repeatedly with recent high-profile account hacking, part of the problem also lies in the frequency with which folks re-use passwords across multiple services. If you re-use usernames and/or passwords across multiple services and one of them with weaker security gets hacked, then your credentials for more important services might have been given up in the process.
Do you use Opera sync? Have you had an account hacked before?