“We have just released a very important security update for our iPhone and iPad apps addressing an issue that allowed passwords to be compromised in certain circumstances,” Derek Gottfrid, the blogging platform’s vice-president of product, said in a blog post. In a footnote, Gottfrid elaborated that passwords were “sniffed” or detected while in transit on certain versions of the app.
The company also advised users of its iOS apps to update their passwords on Tumblr, as well as “anywhere else you may have been using the same password.”
In an emailed statement, spokesperson Katherine Barna told Mashable that Tumblr was notified of a “security vulnerability” in its iOS app earlier Tuesday.
“We immediately released an update that repairs the issue and are notifying affected users. We obviously take these incidents very seriously and deeply regret this error,” Barna said. She did not provide further details on the security issue.
Those using Tumblr’s iOS apps can head to Apple’s App Store to download the security fix.
In May, Yahoo announced that it reached an agreement to acquire Tumblr. The deal wascompleted last month.