Timehop says some 21 million accounts were affected with a name and email, and 4.7 million of those accounts have a phone number attached to them

Published 5:50 PM, July 09, 2018

MANILA, Philippines – Social media service Timehop revealed over the weekend it had been the victim of a data breach on July 4, compromising the names, email addresses, and phone numbers of its user base.

According to a post on the data breach, "Some 21 million accounts were affected with a name and email. Just under 22%, or 4.7 million of those accounts have a phone number attached to them."

Timehop said none of the users' “memories” – the social media posts and photos that Timehop stores – were accessed.

Timehop's technical report explained what had occurred: "On December 19, 2017, an authorized administrative user's credentials were used by an unauthorized user to log into our Cloud Computing Provider. This unauthorized user created a new administrative user account, and began conducting reconnaissance activities within our Cloud Computing Environment."

Over the next few months, it appeared the attacker logged into the new administrative account over the first two days, then again in March and June 2018.

The attacker began an attack at 2:04 pm US Eastern Time on July 4,conducting a number of activities, including attacking the production database and transferring data. This set off an alarm that caused Timehop's engineers to spring to action.

The engineers were able to "implement security measures to restore services and lock down the environment" by 4:23 pm, two hours and 19 minutes later.

Timehop added "tokens" provided by social media profiles to allow the service to resuface posts and images were also taken, though the service also said the tokens were deauthorized within "a short time window," preventing the attackers from using the tokens to access users' social media profiles.

Timehop said it is working with law enforcement officials and security firms to find out who attacked the company and improve Timehop's security. The company also informed European users of the security breach. – Rappler.com