Opera has told their users that an unknown hacker has gained access to their sync system, potentially exposing the data of around 1.7 million users. The Norwegian browser developer warned that “some of our sync users’ passwords and account information, such as login names, may have been compromised,” and encouraged all users to reset their passwords for third-party sites.
Although we only store encrypted (for synchronized passwords) or hashed and salted (for authentication) passwords in this system, we have reset all the Opera sync account passwords as a precaution.
We have also sent emails to all Opera sync users to inform them about the incident and ask them to change the password for their Opera sync accounts. In an abundance of caution, we have encouraged users to also reset any passwords to third party sites they may have synchronized with the service.
The Opera web sync feature allows users to synchronize browser data and settings across all of their devices. The web browser developer notes that the actual number of users making use of the feature is less than 0.5% of their user base of 350 million people, and that the suggested password reset is merely a precaution.
Security continues to be an issue for a number of online services in recent days. Most recently, Dropbox told its users that any user who hadn’t changed their password since 2012 would be required to change it when they next logged into the cloud storage service. The company initiated the precautionary action when it learned about an old set of user credentials stolen in a hacking incident four years ago.