News > Capital Markets

Hackers Steal Personal Data From 21 Million Users of Tech Startup's App

By NexChange
Capital Markets

Timehop – an app that archives your old photos and social media posts – disclosed in a blog post on Saturday that a July 4 security breach has compromised the data of about 21 million users.

Among the user data that was compromised includes dates of birth, gender, country codes, some phone numbers, email addresses and names. The company says that no private/direct messages, financial data, social media or photo content had been compromised.

According to its blog post, Timehop “observed a network intrusion” at 2:04 PM US Eastern Time caused by a compromised access credential to its cloud computing environment. The company indicates that this particular cloud computing account had been unprotected by “multifactor authentication,” but that it has “now taken steps that include multifactor authentication to secure our authorization and access controls on all accounts.”

After the attack was detected, Timehop’s engineers responded to the event and shut down the service. The company says that it has “been working with security experts and incident response professionals, local and federal law enforcement officials, and our social media providers to assure that the impact on our users is minimized.”

Per Timehop:

The damage was limited because of our long-standing commitment to only use the data we absolutely need to provide our service. Timehop has never stored your credit card or any financial data, location data, or (with respect to advertising) IP addresses (but we do log IP addresses for network audit purposes as described in our Terms of Service) ; we don’t store copies of your social media profiles, we separate user information from social media content – and we delete our copies of your “Memories” after you’ve seen them.

As TechCrunch notes, Timehop did not immediately disclose that its network had suffered a security breach, initially saying on Twitter that it had been shutdown because of “unscheduled maintenance.”

Users give Timehop access to its photos and social media accounts to archive its content. The New York City-based company has received about $14.1 million in funding to date, according to Crunchbase data.

Photo: Timehop


Subscribe to our Newsletter

Be one of the first to experience the future of financial services