Hive Social, an alternative for both Twitter and Instagram, went down on Wednesday to address critical security flaws in the app, the startup has confirmed. It’s expected to remain offline for several days.
The problems were first reported by German website Zerforschung, which claims an attacker could access “all data,” including private posts, private messages, shared media, email addresses, and phone numbers.
“People on Twitter wished for an edit button,” the website said in a post. “One of Hive’s security vulnerabilities allows even more: You can edit posts of other accounts.”
Hive, which recently announced that it had reached 1 million users, was taken offline a few hours after Zerforschung’s article was published. In a statement, the company said it was working to address the flaws.
“The Hive team has become aware of security issues that affect the stability of our application and the safety of our users,” the statement said. “Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience.”
The statement added: “We plan to work tirelessly until we can get back online and we hope to welcome you back to a faster and more stable Hive very soon.”
Hive called the temporary shutdown a “preventative measure” and claimed that no data had been leaked, even though it provided no specific details about the vulnerabilities.
Zerforschung reported that it had tried to reach Hive for 2 days to warn them about the problem and it took another 2 days before the app was taken offline, which happened hours after the issue became public.
People on Twitter wished for an edit button. One of Hive's security vulnerabilities allows even more: You can edit posts of other accounts. pic.twitter.com/G2LnC46Ig7— zerforschung (@zerforschung) November 30, 2022