Timehop database hack sees 21 million users' data stolen

Lloyd Doyle
July 9, 2018

Timehop, a mobile app that surfaces old social media posts from the same day but from previous years, has announced a security breach affecting its entire userbase of over 21 million users.

You may have noticed that you have been logged out of our App.

The company said it has reset all its keys out of "abundance of caution", which will require users to re-authenticate their Timehop accounts before again using its service. Timehop is in cooperation with local and federal law enforcement officials to investigate further on the breach, and to enhance its security upgrades.

Timehop users who are anxious the network intrusion and data breach might have impact their "Streak" - aka the number Timehop displays to denote how many consecutive days they have opened the app - are being reassured by the company that "we will ensure all Streaks remain unaffected by this event". While our investigation into this incident (and the possibility of any earlier ones that may have occurred) continues, we are writing to provide our users and partners with all the relevant information as quickly as possible. These include names, email addresses, and some phone numbers. "To reiterate: none of your "memories" - the social media posts & photos that Timehop stores - were accessed". Names, email addresses and phone numbers have been obtained, and the company urges users to take urgent steps to protect their cellphone numbers ... The attacker managed to access an internal database stole the personal data of 21 million users from Timehop's Cloud Computing Environment. The developer ensures that the contents of the posts users compiled through it, called "memories", were not accessed.

The New York-based firm discovered the attack at 2:04am US Eastern Time (7:04am BST) on July 4. Back in December, an unauthorized person used an admin's credentials to log into Timehop's cloud computing servers and create a new admin account.

According to its preliminary investigation of the incident, the attacker first accessed Timehop's cloud environment in December - using compromised admin credentials, and apparently conducting reconnaissance for a few days that month, and again for another day in March and one in June, before going on to launch the attack on July 4, during a United States holiday.

If you remember the Gentoo Linux incident, which caused us to say that "Linux experts are crap at passwords", you will see that history has repeated itself here.

In fact, the Timehop breach happened before the Gentoo one.

On July 4, 2018, Timehop experienced a network intrusion that led to a breach of some of your data.

Successful cyberattacks often turn out to have been brewing for some time - after all, it's hard to know where to look, and what to look for, if you're not aware that bad things have been happening in the first place.

Insist on two-factor authentication.

Other reports by Iphone Fresh

Discuss This Article