If you're a Timehop user,Down Town we've got some really bad news. The app, which reminds you of your past social media postings, says it was hacked on July 4.
Timehop says some 21 million users are affected by the data breach, which exposed information such as "names, email addresses, dates of birth, gender of users, country codes, and some phone numbers."
SEE ALSO: Amazon patents hijack-proof delivery dronesIn a company blog post, Timehop says although it learned of the hack while it was happening and was able to interrupt it, "data was taken."
The cause of the hack: Apparently, the company's cloud computing account wasn't protected by multi-factor authentication. Timehop says it's beefed up its security since the incident.
(Now's a good time to remind you to set up two-factor authentication, aka 2FA, to protect your data for any apps and services that support it. There's really no reason not to.)
Timehop says the "keys" that are used to link your social media accounts to the app were breached. As a result, the company's logged all users out of the app to reset the keys. Users will need to log back into all their accounts to re-link them.
"Timehop has never stored your credit card or any financial data, location data, or IP addresses; we don’t store copies of your social media profiles, we separate user information from social media content -- and we delete our copies of your “Memories” after you’ve seen them."
Aside from the aforementioned names, email, addresses, dates of birth, gender of users, country codes, and some phone numbers, it appears all other data is safe.
"No private/direct messages, financial data, or social media, or photo content, or Timehop data including streaks were affected," the blog post states.
Additionally, the company says no social media posts were accessed by the intruders. That covers any data from third-party services you may have linked to Timehop, such as Facebook, Instagram, Twitter, Google Photos, Swarm, Dropbox, etc.
There are two ways to log into Timehop: with a Facebook account or your phone number.
If, like me, you use Facebook to log into the app, your phone number is safe.
"FB’s API wouldn’t have given a phone number to us, nor would it allowed the use of a phone number to access anything," Rick Webb, Timehop's COO, confirmed to Mashable over email. "On top of that, the tokens were invalidated before used."
However, if you use your phone number as your sign-in, then it's been stolen by the hackers and you'll want to take extra measures to protect it from being ported. As 9to5Mac notes, ported numbers could be used to obtain 2FA codes for bank accounts.
"Those who use a phone number as a login had their phone number compromised, but it is unrelated to their FB credentials," Webb said.
Timehop says of the 21 million accounts that are affected by the hack, about 4.7 million of them have a phone number attached to them.
Here's what Timehop recommends doing if you use your phone number as your login:
If AT&T, Verizon, or Sprint is your provider, this is accomplished by adding a PIN to your account. See this article for additional information on how to do this.
If you have T-Mobile as your provider, call 611 from your T-Mobile device or 1-800-937-8997 and ask the customer care representative to assist with limiting portability of your phone number.
For all other providers, please contact your cell carrier and ask them how to limit porting or add security to your account.
Maybe.
Even though Timehop has increased its security, the stolen data could still surface online. If your account is affected, make sure you keep an eye out for any suspicious activity.
Timehop even warns there's a good chance the stolen data could surface (emphasis ours):
Timehop has retained the services of a well established cyber threat intelligence company that has been seeking evidence of use of the email addresses, phone numbers, and names of users, and while none have appeared to date, itis a high likelihood that they soon will appear in forums and be included in lists that circulate on the Internet and the Dark Web.
If you don't use Timehop, now's a good time to either delete your account or de-authorize any connected social media accounts. Both can be done from within the app's settings page.
UPDATE: July 11, 2018, 1:11 p.m. EDT This story has been updated to include additional details on Timehop data that was obtained by hackers.
Topics Cybersecurity Privacy
Previous:Fyre Festival and Trump’s Language
What's Thermal Throttling and How to Prevent It
The (Midfield) Engine That Could
Happy Opium Suppression Movement Day!
Couples are having sex in SF robotaxis, report says
Shop Owala's Memorial Day Sale for 30% off tumblers
DoorDash nudges users who don't leave tips
The Morning News Roundup for June 5, 2014
Three Degrees of Being Stood Up
Best JBL deal: Save $10 on the Go 4 at Amazon
Mourning Pierre Capretz
'Severance' Season 3 gets confirmed by Apple
I tried the viral TikTok air fryer pasta chip trend and it's not worth the hype
Welcome Our Writer
A Rookery of Pterodactyls
44 GPU Fortnite Benchmark: The Best Graphics Cards for Playing Battle Royale
The Morning News Roundup for June 4, 2014
Insect scientists want your help renaming bugs with racist names
Netflix starts testing video game streaming
Best robot vacuum deal from the Amazon Big Spring Sale
Robotaxis can now trundle the streets of San Francisco 24/7
New Line and Warner Bros. announce a new animated 'Lord of the Rings' filmGoogle Workspace is now free for everyoneRatchet & Clank: Rift Apart review: Reaching new heights on the PS5'But I'm a Cheerleader' is the perfect fairytale for PrideOne single CDN user took down the internet this weekWhen you're on the high school diving team, get ready for some failsWhat kind of villain is Loki, really? 'Loki' on Disney+ wants to know.The top 10 YouTube videos of 2017Al Franken's resignation only makes the GOP's failures stand out moreZac Efron admits his onscreen kiss with Zendaya is the greatest of all his film kissesThe Trumps bungle Pearl Harbor Day on TwitterLet's agree the tragedyEducators rally to #TeachTruth as the GOP tries to legislate lessonsPresident Biden drops Trump orders banning TikTok and WeChatEverything you buy in this pop'But I'm a Cheerleader' is the perfect fairytale for PrideWhat kind of villain is Loki, really? 'Loki' on Disney+ wants to know.How to cancel YouTube TVFirefighters are seriously unimpressed by YouTube prankster who cemented his head in a microwaveThe internet is ablaze with 'sex is cool' memes Your iPhone can now be a measuring tape, thanks to the magic of augmented reality Virgin Media thinks 800,000 users should change their router passwords Ethereum price drops 20% after a pile of fake and old news reports MashTalk: Where does Uber go without Travis Kalanick? Snapchat maps can figure out what you're doing and it's either cool or creepy Alexis Bledel will return to 'Handmaid's Tale' Season 2 Instagram shares magical 'Harry Potter' illustration to mark 20 Guy remade the upcoming 'Star Wars' trailer using only an 1984 Apple computer Foursquare is now working behind Netflix to 'Girlboss' after just one season: You're fired Augmented reality could be the biggest reason to buy an iPhone 8 Nokia 6 is coming to the U.S., and Amazon Prime members get a big discount SNES Classic controller cables will be longer than 3 measly feet Facebook Messenger reaction filters bring emotions to life J.K. Rowling shares beautiful tweet to mark 20 Prepare to be entranced by these tiny cooking videos Solange responds to young fans adorable video on Twitter Every single Stephen King novella, ranked Man hilariously rips into Starbucks over alleged milk mixup Amazon Echo Show review: The best of Alexa, on display
2.5039s , 8225.5390625 kb
Copyright © 2025 Powered by 【Down Town】,Information Information Network