Opera said in a blog post that earlier last week, the company “detected signs of an attack where access was gained to the Opera sync system.” Even though the company has claimed that the attack was blocked quickly, it has admitted that some data, which includes the username and passwords of some users of its sync service, may have been compromised.
It should be noted that even though the third-party website passwords that are linked to the synchronization service are themselves safe and secure, as they are kept in an encrypted form, access to Opera Sync account information means the hackers can potentially decrypt these passwords.
Opera says, “Although we only store encrypted (for synchronized passwords) or hashed and salted (for authentication) passwords in this system, we have reset all the Opera sync account passwords as a precaution.”
The company says it has also sent out emails to all Opera Sync users asking them to change their Opera Sync password, and also reset any passwords to third party sites that they may have synchronized with its service.
In order to change your password for Opera’ sync service, you can head to the password reset page. One factor that might come as a relief to the company in the entire situation is that a very small fraction, around 1.7 million users, out of its total 350 million users, actively avail the cloud-sync service, which has been attacked. Users who do not use the sync service are not required to take any measures as per the company.
Opera has apologised for the security breach to its users and said that an investigation is going on regarding the same.
Last week, interestingly, Opera launched a free and unlimited VPN for Android which also includes an ad-tracker blocking function, and a Wi-Fi security test.