Home » Economy

Data breach on Timehop app exposes details of 21 MILLION users

09 July, 2018, 20:40 | Author: Eric Barnett
  • A massive data breach on Timehop app has exposed the private details of more than 21 million people according to a new report. The service links to users social media accounts and claims to be'reinventing reminiscing by resurfacing old phot

The company claims that no private messages, financial information or Timehop data (such as streaks) were compromised, and it deletes its copies of your old posts and photos once you've seen them.

These "keys" allow Timehop to read and show people's social media posts, but not their private messages. "In general, Timehop only has access to social media posts you post yourself to your profile", it adds.

The breach affected 21 million users, including their names, some email addresses, and approximately 4.7 million phone numbers attached to their accounts.

"We have deactivated these keys so they can no longer be used by anyone", the company said.

The vast majority of those affected by the "security incident" (as Timehop refers to it) had their names and usernames exposed, but for almost a quarter of them - 4.7 million - phone numbers were also exposed.

In terms of how its network was accessed, it appears that the attacker was able to compromise Timehop's cloud computing environment by targeting an account that had not been protected by multifactor authentication.

The company's post, however, does not make clear if it notified affected users before publicly announcing the breach on Twitter and its own website days after the attack took place. Doing so may end up leading to a bunch of content being inaccessible for a while whilst a new set of keys establishes itself.


But the company has also warned that "there was a short time window during which it was theoretically possible for unauthorized users to access those posts" but has "no evidence that this actually happened". Some fraudsters have begun to immediately discount secure phones altogether. It might also be helpful to institute limits on amounts that can be spent with your card online.

The company says these tokens have been revoked and will no longer work for users.

The company is advising those whose phone number was lifted to take "additional precautions" with their mobile providers.

"We have now taken steps that include multifactor authentication to secure our authorisation and access controls on all accounts", the blog post said.

"These tokens could allow a malicious actor to view without permission some of your social media posts", the company said.

Timehop says it discovered and halted the breach around two hours after it started.

According to its preliminary investigation of the incident, the attacker first accessed Timehop's cloud environment in December - using compromised admin credentials, and apparently conducting reconnaissance for a few days that month, and again for another day in March and one in June, before going on to launch the attack on July 4, during a U.S. holiday. At 2:43 pm US Eastern Time the attacker conducted a specific action that triggered an alarm, and Timehop engineers began to investigate.

Recommended:

  • Woman, 91, killed after aircraft crashes into condo

    Woman, 91, killed after aircraft crashes into condo

    Anaya said troopers worked with the FAA to come up with a timeline to determine which aircraft were in the area at the time. Authorities are responding to an aviation crash, possibly involving a helicopter, in a residential area in Virginia.
    Polar fitness app exposed location of soldiers and government agents

    Polar fitness app exposed location of soldiers and government agents

    This isn't the first time a tracking app has come under fire for potentially revealing military bases and staff routines. There also seems to be no time limit on the information being shared, with data available as far back as 2014.
    Del Monte Vegetable Snacks Linked to Intestinal Parasite Outbreak

    Del Monte Vegetable Snacks Linked to Intestinal Parasite Outbreak

    People infected may also experience loss of appetite, weight loss, stomach cramps or pain, nausea, gas and fatigue. Therefore, it is unlikely that cyclosporiasis is passed directly from one person to another.

  • Random: Pokémon GO Developer Niantic Has Ingress Netflix Anime In The Works

    The two band together when they find themselves on the run from a mysterious antagonist named Jack. Niantic head John Hanke announced that an Ingress animated series will be coming soon to Netflix.
    Bihar girl alleges gang rape by school teachers and students

    Bihar girl alleges gang rape by school teachers and students

    The police have registered a case and have formed special teams to nab the absconding accused. The girl said her ordeal continued for seven months till her father was released from jail.
    Prince Louis' godparents revealed before baptism

    Prince Louis' godparents revealed before baptism

    Prince William and Kate Middleton have opted for friends, rather than immediate family members, as is custom for royal children. The Queen has been spending time with the duke in Norfolk, and will be travelling back to London on Monday.
  • Marvel Studios’ Captain Marvel Completes Principal Photography

    Marvel Studios’ Captain Marvel Completes Principal Photography

    The news follows Captain Marvel director Ryan Fleck revealing the film had wrapped two days ago . Brie Larson is joined in the film by Samuel L.
    France vs Belgium: Thierry Henry in dilemma

    France vs Belgium: Thierry Henry in dilemma

    On Tuesday, it will be Henry versus France and Henry versus Deschamps, his former teammate for both France and Juventus . That was the last competitive match between the two countries but there have been eight global friendlies since.
    Phil Mickelson penalised for rules violation again

    Phil Mickelson penalised for rules violation again

    Almost a month after appalling the golf world (and violating the PGA rulebook) by putting a moving ball at the U.S. The two-stroke penalty led to a double-bogey 6 for Mickelson, who opened the day nine back of the leaders.
  • Fans ask Microsoft to make Surface Phone a reality

    Fans ask Microsoft to make Surface Phone a reality

    Microsoft has delayed Andromeda's release so that it has more time to work on Andromeda's OS, but Andromeda itself has not been canceled, at least not yet.
    Newcastle's opening four games picked for TV

    Newcastle's opening four games picked for TV

    The home game against Chelsea has been put back a day to Sunday, August 26 (4pm) so it can be broadcast, again by Sky. They missed out on streaming cricket's Indian Premier League despite an offer believed to be around £450m past year .

    CDC Reports 212 Confirmed Cases of Cyclospora in Midwest

    A previous major cyclosporiasis outbreak was reported in 2015 , when 546 individuals were infected across 31 states. Symptoms of cyclospora are diarrhea and frequent, sometimes explosive bowel movements, according to the CDC.


Popular

This is what Gauri Khan allowed Shah Rukh Khan after years!
King Khan could not contain his excitement and replied to Cena by tweeting, "Thanks my friend for spreading the goodness". The film is going to be released on the big screen on December 21, 2018.

Deal Alert: Get 4 months of Amazon Music for only $0.99
Amazon is offering a Prime Day quiz which will serve as entry for a chance to win a Lexus ES. The catch is that you have to be an Amazon Prime member to take advantage of the deals.

Harvey Weinstein pleads not guilty to new charges, released on bail
The literal 16,000 attack ads that demonize the top Democrat don't matter much when you've got a House to win back, she said. A handcuffed Weinstein entered the court room on Monday wearing a dark suit, a white shirt, and a navy blue tie.

Wimbledon glance: Federer, Nadal, Williams start Week 2
Williams will follow Federer at Centre Court, and she plays 120th-ranked qualifier Evgeniya Rodina of Russian Federation . The 36-year-old faces Russian qualifier - and fellow mother - Evgeniya Rodina in the last 16.

Dauphin County collects more West Nile Virus-infected mosquito samples
The best defense people have from EEE or West Nile is to use personal protection measures to guard against mosquito bites. In some individuals, severe illness including meningitis or encephalitis, or even death, can occur.

Froome booed and whistled at Tour presentation
"It's a disgrace to the sport in general", Martin, a four-time time-trial world champion, said. I've got the support of an unbelievable team around me".

Dick Cheney Signs a Waterboard Kit in Teaser For Sacha Baron Cohen's New TV show
The video closes out with the text "Sacha graduates" and a logo for the now-defunct Trump University. And if the teasers he's posted to social media are any indication, we're in for a real treat.

Travis Pastrana beats Evel Knievel records with death-defying jumps
The first stunt takes aim at at Knievel's 1973 jump over 50 stacked, crushed cars, lined up 18 abreast, for 120 feet at the L.A. Pastrana will attempt to re-create, in order, Knievel's famous auto jump, bus jump and the aforementioned Caesars fountain.

Why Rafa Nadal won’t make the semis, and who can challenge Serena?
The 36-year-old Swiss served out the match with an ace out wide, winning in one hour and 45 minutes. Between these three players alone, there's more than a few Grand Slam titles - 49, in fact.

Donald Trump's scandal-hit environment chief Scott Pruitt resigns
Pruitt had become a constant source of embarrassment to a president who had entered Washington promising to "Drain the Swamp". Mike Pence that states: "Enclosed is an Action Plan for the Administration of President Donald J.

Latest

Tendencies