Timehop users should already be aware of the data breach that happened July 4th. Timehop is reaching out to its users to inform and update them. The Timehop app is a social media post reminder app which has access to social media accounts you give it access to. The data breach included names, addresses, and phone numbers. Even worse, users secure tokens to social media accounts were compromised. This would allow for viewing access to a variety of users social media accounts.
On July 4, 2018, Timehop experienced a network intrusion that led to a breach of some of your data. We learned of the breach while it was still in progress, and were able to interrupt it, but data was taken. While our investigation into this incident (and the possibility of any earlier ones that may have occurred) continues, we are writing to provide our users and partners with all the relevant information as quickly as possible.
Timehop goes on to outline some of the key points of the breach.
- Some data was breached. These include names, email addresses, and some phone numbers. This affects some 21 million of our users. No private/direct messages, financial data, or social media or photo content, or Timehop data including streaks were affected.
- To reiterate: none of your “memories” – the social media posts & photos that Timehop stores – were accessed.
- Keys that let Timehop read and show you your social media posts (but not private messages) were also compromised. We have deactivated these keys so they can no longer be used by anyone – so you’ll have to re-authenticate to our App.
- If you have noticed any content not loading, it is because Timehop deactivated these proactively.
- We have no evidence that any accounts were accessed without authorization.
- We have been working with security experts and incident response professionals, local and federal law enforcement officials, and our social media providers to assure that the impact on our users is minimized.
- You may have noticed that you have been logged out of our App. We did this in an abundance of caution, to reset all the keys.
- The damage was limited because of our long-standing commitment to only use the data we absolutely need to provide our service. Timehop has never stored your credit card or any financial data, location data, or IP addresses; we don’t store copies of your social media profiles, we separate user information from social media content – and we delete our copies of your “Memories” after you’ve seen them.
The company has been working to fix the problem and you’ll likely be asked to relog into the app. We highly suggest you change your password as well — and for any other sites you may be using the same password for. You can hit the link below for more info on the data breach with more specifics.Source: TimehopBlog