Instead of invoking sweet memories from your past, TimeHop gives you some bitter moments. The official statement of the app’s website reveals that it has experienced a “network intrusion” that led to a breach of some of the users’ data.
As per the statement, the network intrusion took place at 2:04 US Eastern Time on July 4, 2018 – the Independence Day of the United States. This security breach will affect some 21 million TimeHop users.
TimeHop Security Compromised: Data Breached Following the Network Intrusion
Shedding lights on the reason for this security breach, the statement says, “The breach occurred because an access credential to our cloud computing environment was compromised. That cloud computing account had not been protected by multifactor authentication.”
However, after two hours of intrusion, TimeHop’s engineers were successful in locking out the attackers. About the security measures, the official TimeHop blog says, “We have now updated our security to alert on the kinds of activities that were conducted.”
But this intrusion has led to breach some of the data like names, some email addresses, and some phone numbers of customers have been compromised.
Moreover, attackers have also pilfered the access token provided to TimeHop by social media providers. Following this, the attacker can see some of the users’ social media posts without any permission.
TimeHop has terminated the tokens and the attackers can’t use them anymore.
TimeHop has come into action and it has conducted a thorough audit of all accounts, credentials, and permissions granted to all authorized users.
The social media app has roped in an experienced and well-known cybersecurity expert agency to investigate the attack; to understand the gravity of the crime and how users’ data is going to be affected.
For users, TimeHop requests them to revalidate their API credentials, as they are now null and void. Users will be asked to log in again to TimeHop and they have to authenticate each service again to use with TimeHop. New tokens will be generated by the app as the app has deauthorized the tokens.
If users had used their phone numbers for login, they need to talk to the respective mobile operators to ensure that their numbers cannot be ported.
The security breach is one of the biggest threats to social media channels. Such incidents put your privacy at risk as you might have shared many secret or private information. Would you like to share your private information with social media channels?
How much do you trust other social media apps like Facebook, Twitter, Instagram, or Google Plus?
Share your feedback in the comments section. Make sure to download our app to get more exciting and interesting stories.