Timehop – an app that resurfaces old posts from social media accounts like Facebook, Twitter, Instagram, and Dropbox, suffered a data breach on July 4th, the Independence Day, reveals the company. The hack has compromised data of 21 Million users, and the data include names, email addresses, and phone numbers primarily. The hacker made an entry into the company’s database via the cloud. The cloud computing account owned by the company lacked multilevel authentication, and the hackers continued the operation for two hours until the company noticed the breach and interrupted it.
The company assures that none of the user’s private messages, financial data, Timehop data, or social media content, or so was affected. It is identified that the hacker had actually begun accessing the Timehop’s cloud account through fake admin credentials, since last December. And the hackers made infrequent visits to the account and did not carry out an attack until July 4th.
The company suspects that the attacker could have had access to social media posts of affected users, although there is no evidence supporting it. However, Timehop employs cybersecurity experts who will track to find out whether the email addresses, names and other user information appears on forums and lists on the internet and the dark web.
As a precaution, users have been logged out of the app and the company has shut down access urging users to reauthorize the app. Timehop also added multifactor authentication to its cloud-based accounts and increased monitoring activities.