Two days ago we reported that Tumblr released a new update urging its iOS users to change their passwords immediately to avoid putting the accounts at risk. Sounds like the blogging platform handled the situation swift and well—but according to Tech News Daily, it turns out that might not be the case. 
 
A Tumblr IT emplyee, who originally discovered the security flaw, said the company ignored his finding at first, and they only fixed the bug after a tech blog informed them about the flaw two weeks later. If true, countless users were exposed to account hijacks for two weeks. 
 
Regarding the reported delay, Tumblr's spokeswoman told Tech News Daily that they immediately repaired the issue and notified the affected users, adding that they treat every incident seriously and regret the error. 

[via Tech News Daily]