Story image

Time capsule app TimeHop breached, 21 million users affected

10 Jul 2018

US-based time capsule app TimeHop suffered a data breach on July 4 that affected 21 million users.

This intrusion led to a breach of some data including names, email addresses, and some phone numbers. In a statement released on its site, TimeHop says, “No private/direct messages, financial data, or social media or photo content, or Timehop data including streaks were affected.”

The statement details how the breach unfolded.

At 2:04 US Eastern Time in the afternoon of July 4, Timehop observed a network intrusion.

The breach occurred because an access credential to TimeHop’s cloud computing environment was compromised.

That cloud computing account had not been protected by multifactor authentication.

TimeHop said it has now taken steps that include multifactor authentication to secure authorisation and access controls on all accounts.

The attack was detected, and two hours and nineteen minutes later, and TimeHop’s engineers locked out the attackers.

Cybersecurity companies have chimed in to comment on the breach.

RedLock CEO and co-founder Varun Badhwar says, “27% of organisations have experienced potential account compromises.

“When organisations embrace the shared responsibility model of cloud computing, which directs them to provide their own security ‘in’ the cloud, and when they adopt a cloud threat defence strategy, account compromises can be mitigated, if not totally prevented.”

Barracuda Networks network security VP and general manager Dr Klaus Gheri says, “This follows a trend for basic security best practices not being followed by organisations who should know better.

“While it’s heartening to see that Timehop is now using multi-factor authentication (MFA) since the breach took place, they should have used it from the beginning. “With 83% of organisations using public cloud for storage (according to a survey we carried out last year), not following basic security advice like this is potentially giving criminals a very successful and easy ‘back door’ into thousands of organisations worldwide,” Gheri says.

Verodin behavioural research team head James Lerud says, “Timehop were able to begin remediation actions about two hours after detecting malicious activity, which is a very good response time.

“Their decision to deactivate access tokens is the right move, but should also serve as a reminder to regularly review what apps have access to your social media accounts."

Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.