CYBER BLOG: Another week, another breach

CYBER BLOG: Another week, another breach

It’s another week, and there is news of another major breach. This time it is the popular Timehop app that has revealed that last week it was involved in a breach that has reportedly compromised the personal data of all its 21 million users.

Timehop is a social media app that collects old photos and posts from Facebook, Instagram and Twitter and lets you find what you were doing on this day a year ago. A bit like Facebook’s memories section. On Sunday, the company revealed that their entire database, including user’s names, email addresses and a large number of phone numbers attached to accounts had been compromised. In addition to this the company have said that authorisation tokens that could have potentially allowed hackers to view Facebook posts of users were also compromised.

The company claims to have learned of the breach as it was still in progress and were able too interrupt the breach. They immediately took action to make the compromised authorisation tokens invalid, so these tokens can no longer be used. All users of the app have been signed out. Timehop are confident that nobody’s private/direct messages were accessed, and that no financial, social media or photo content was accessed by the hackers.

The advice for users of the app who used their phones to connect to Timehop is to contact your mobile phone provider and ask them to take additional security precautions to prevent hackers from transferring the number to another sim.

Timehop claim that the breach occurred due to ‘an access credential to our cloud computing environment was compromised’ This just highlights the need for good, strong and unique passwords for accounts and also the importance of turning on Two-Factor Authentication for all accounts.

To discuss your Cyber Security needs please email [email protected]

Gerry Grant, Chief Ethical Hacker

Related News

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?