Timehop app announces data breach of more than 20 million users

Ian Bush
July 09, 2018 - 3:19 pm



PHILADELPHIA (KYW Newsradio) — A data breach of a social media app has exposed the personal data of more than 20 million people. 

Officials from the Timehop app said names, email addresses and some phone numbers were stolen in the July 4 attack on its network.

It said no private messages, stored posts and photos, or financial data were taken.

Essentially a digital nostalgic photo album, Timehop displays your past Facebook, Instagram and Twitter posts from the same day of the current year, showing "this day in history."

The company said the "keys" that permit access to users' social media accounts also were compromised but have since been deactivated. Timehop said it found no evidence the attacker accessed anyone's accounts in the two hours and 19 minutes it took for engineers to shut down the breach.

The company admitted to carelessness: Its server didn't have multi-factor authentication enabled, a program often set up for online banking accounts, email accounts and any other app or service that offers the security of a password plus, for instance, a single-use code texted to your phone.