When you opened your Timehop app today to travel back in time and see photos you shared, tweets you posted on this day, you might have noticed you were logged out. You might have been worried about losing your streak, but there was something far worse that could have been compromised. It turns out the reason you had to re-authenticate to the app was due to a massive data breach Timehop revealed.
The security breach compromised the personal data (emails, names) of 21 million users, that’s basically all of Timehop’s entire user base. In a blog post, Timehop disclosed on its blog they noticed the intrusion while it was happening at 2:04 US Eastern Time on July 4 and shut it down 2 hours and 19 minutes later. Unfortunately, the damage was already done, and millions of user’s data were breached while they enjoyed their hot dogs while listening to Scorpion at a BBQ.
The data breach was pulled off a few days ago, but according to Timehop’s investigation, it all began when the attacker accessed its cloud environment using stolen admin credentials. The hackers even conducted reconnaissance for a few days, one day in March 2018, and another in June 2018, before hitting the start button during the U.S. holiday.
Timehop confidently states that “there was no evidence of the compromise of social media data.” The company also makes it abundantly clear that it does not have access to your Instagram and Twitter direct messages, Facebook Messenger or wall posts from friends.
“We want to be clear that these tokens do not give anyone (including Timehop) access to Facebook Messenger, or Direct Messages on Twitter or Instagram, or things that your friends post to your Facebook wall. In general, Timehop only has access to social media posts you post yourself to your profile.”
Despite taking a few days to reveal the incident took place, the company was very open in sharing the details of the breach. But if you only followed Timehop’s company Twitter account, you are being told another story.
If for some reason you are still worried about your streak after all of this? Don’t worry Timehop has you covered.
People’s trust with social media is still shaken due to Facebook’s Cambridge Analytica data scandal so and this definitely doesn’t help. Even though Timehop took the correct steps during its investigation, they did take a few days to inform users of the breach. That might rub some people the wrong way and turn them away from the popular service. We shall see if there is any fallout from the July 4th intrusion. Does this scare you from using the app again? Let us know in the comments below.
Photo: TimeStopper / Getty