Popular digital nostalgia app, Timehop is the latest to face a major data breach affecting over 21 million users.
Whilst the majority of the US took part in their 4th July celebrations, global photo memory app, Timehop announced that they faced a major data breach which resulted in the personal data (names, email addresses) of 21 million users being compromised. Of the affected 21 million, around 4.7 million users also had phone numbers linked to their account which were also breached in the attack.
Timehop says it discovered the attack while it was in progress, on 4th July, and was able to shut it down two hours, 19 minutes later — albeit, not before millions of people’s data had been breached.
In a publicly disclosed blog post written by Timehop, it’s stated that no private/direct messages, financial data, social media or photo content, or Timehop data including streaks were affected.
The damage of the breach was limited because Timehop never stores any credit card details, financial data, location data, or IP addresses of its users. They don’t store copies of social media profiles, and copies of user “memories” are deleted once viewed by the user. This is a long-standing commitment Timehop has, which is to only use the data they need in order to provide its service.
So what’s next for Timehop?
Since the discovery of the data breach, Timehop has been working around the clock with security experts and law enforcement to ensure the impact on its affected users is minimalised. Users will find that they have been logged out of their accounts, which has been done in order to reset all the keys as a process of caution.
Timehop have also stated that they are working hard to limit the damage caused by the breach, and at this point in time is no evidence to suggest the data is being used.
Haven’t heard of Timehop?
Timehop – founded in 2011 – allows users to reminisce, celebrate and share old memories that have been posted on multiple social media accounts throughout their digital life. The app reminds users of past moments and stories that they may have otherwise forgotten about in a bid to build new ways of consuming, storytelling with, and finding meaning in our digital histories.
Timehop began as 4SquareAnd7YearsAgo, which was created at Foursquare’s Hackathon in February 2011. The original aim of the app was to build the service that would replay the past foursquare checkins in real-time. The product was simplified into a daily email. A few months later Jonathan Wegener and Benny Wong launched PastPosts.com followed by And7YearsAgram before finally merging under a single brand Timehop.
There is no such thing as perfect when it comes to cyber security, and even the most ‘protected’ companies can become vulnerable to a breach. That’s why it’s important to only hold onto the data your company needs, and to erase any unwanted data with a trusted data destruction partner.