Timehop discloses July 4 data breach affecting 21 million

Jul 9, 2018 · techcrunch.com

Timehop

Timehop has disclosed a security breach that has compromised the personal data (names and emails) of 21 million users (essentially its entire user base). Around a fifth of the affected users — or 4.7M — have also had a phone number that was attached to their account breached in the attack.

The startup, whose service plugs into users’ social media accounts to resurface posts and photos they may have forgotten about, says it discovered the attack while it was in progress, at 2:04 US Eastern Time on July 4, and was able to shut it down two hours, 19 minutes later — albeit, not before millions of people’s data had been breached.

According to its preliminary investigation of the incident, the attacker first accessed Timehop’s cloud environment in December — using compromised admin credentials, and apparently conducting reconnaissance for a few days that month, and again for another day in March and one in June, before going on to launch the attack on July 4, during a US holiday.

Read Complete Article

RT @bloomingfoundrs: Get excited because there's only 4 more days until #bloomerama ! #education #femalefounders @techdotlondon @TheStartup…

London needs its young people alive, so spread this message: by carrying a knife you’re putting yourself in more da… https://t.co/oISPF3gOJI

#Cloud adoption in large companies was a key discussion point at #LTW - hear from John Abel @OracleCloud and Mark C… https://t.co/SRJchO0VPB

The man behind Obama's famous 2008 Hope poster on ambition, climate change and punk https://t.co/zeBJYDP4k6

W2 Global Data (W2GlobalData) provides identity verification services in a bid to prevent fraud and money laundering https://t.co/iGKdpYUagE