OpenFlexure suffers massive data breach, hackers release source code online
An optimistic, but ultimately unsuccessful campaign
Hackers have gained access to over five years of OpenFlexure source code, which they have published online. The breach β which started shortly after midnight today, 1/4/2022 β was noticed this morning, but by then it was too late. Unfortunately, the repos and version history were too well organised, making it easy for the hackers to download designs, documentation and version control quickly.
The motives of the group responsible is unknown, but given the clear instructions and simple bill of materials, fears are that they may begin mass producing knock-off OpenFlexure Microscopes without paying the required royalties to the designers. This could potentially flood the market with accessible, high-precision microscopes, with a severe impact on education, research and hobbyists as accessibility increases. It appears some opportunistic users have already pirated their own device, publishing papers and sharing images from projects to https://openflexure.org/.
An embarrassing oversight makes this harder to combat, as it has emerged that the designers failed to patent the microscope design. This makes it impossible to take legal action against manufacturers and users of the leaked microscope, so there are no consequences to visiting the configurator and assembling your own high precision device.
OpenFlexure isnβt the sole victim of one of these attacks today; Lichess also announced the unintended sharing of their source code, while fears mount that data from Mozilla Firefox, Linux and Arduino may be targeted next. No personal data was lost or shared in the attack, and usersβ microscopes remain secure. We hope you continue to use the OpenFlexure Microscope, and have a great April 1st.