Timehop admits attacker stole 21 million users' data
Timehop admits attacker stole 21 million users' data
A Timehop security breach has resulted in 21 million users data being compromised. Jason Cipriani CNET
09 July, 2018, 20:40
However, although the hackers stole the "access tokens" provided to Timehop by its social media partners, it claimed these were quickly deauthorized and that there's no evidence of unauthorized access of user data through these tokens. Timehop engineers began to block the attack and lock down the compromised environment less than two hours after the attack began, the company says.
Most of the affected users had their social media names (not full legal ones) and email addresses compromised, but phone numbers were only stolen if you logged into the Timehop app using your phone number.
The breach also led to a loss of access tokens that the service uses to access users' posts on other social networks.
About 4.7 million of those accounts had a phone number attached to them.
In terms of how its network was accessed, it appears that the attacker was able to compromise Timehop's cloud computing environment by targeting an account that had not been protected by multifactor authentication. However, Timehop claims that the tokens were deauthorized and made invalid within a "short time window" and can not be used to gain access to users' social media profiles.
Some data was breached. This affects some 21 million of our users. Another thing the hackers got were the "keys" that allow the app to show you posts from the sources you've chosen. Timehop has "deactivated these keys so they can no longer be used by anyone - so you'll have to re-authenticate to our App". "We have now taken steps that include multifactor authentication to secure our authorization and access controls on all accounts".
We have been working with security experts and incident response professionals, local and federal law enforcement officials, and our social media providers to assure that the impact on our users is minimized. It doesn't store data like credit card information, location data or users' IP addresses either. Doing so may end up leading to a bunch of content being inaccessible for a while whilst a new set of keys establishes itself.
"The damage was limited because of our long-standing commitment to only use the data we absolutely need to provide our service", the company wrote in part.
In fact, the Timehop breach happened before the Gentoo one.
According to its preliminary investigation of the incident, the attacker first accessed Timehop's cloud environment in December - using compromised admin credentials, and apparently conducting reconnaissance for a few days that month, and again for another day in March and one in June, before going on to launch the attack on July 4, during a United States holiday. Following the attack, a number of new security measures have been introduced, including system-wide multi-factor authentication (many people will be concerned that this was not already in place).
There is no such thing as ideal when it comes to cyber security but we are committed to protecting user data.
For a long time it had been clear Boris Johnson was not happy with the prime minister's Brexit strategy. "I'm seeking Brexit. If Theresa May wants to break her manifesto pledges that is up to her [but] these things have consequences.
Mannarino fought back as he pushed Federer to 4-4, despite being unable to make any dents on his opponent's accurate serving. Djokovic, seeded 12th following time off with injury, will play Karen Khachanov last on the 11,000-seat No.1 Court.
Other Brexit-supporting Conservative MPs have criticized the Chequers deal, saying May's plans offered Brexit in name only . Davis' resignation was followed by that of Exiting the EU Minister Steve Baker.
Xiaomi's IPO began on Monday in Hong Kong to a fairly slow start, with trade slipping more than 2%, sometimes dropping by 5.88%. Despite Xiaomi's challenging debut, Reuters notes that Hang Seng - the Hong Kong stock market index - was 1.7 percent higher.
Prince William and Kate Middleton have opted for friends, rather than immediate family members, as is custom for royal children. The Lily Font is a silver baptismal font which was made in 1840 and has been a fixture at royal christenings since then.
The Leicester centre-half has impressed in Russian Federation this summer, helping England reach the World Cup quarter-finals. England's quarter-final triumph over Sweden will have at least doubled Harry Maguire's value.
The accused threatened to make the video viral if she reported the matter to anyone in the school or at her hom, she said. According to government records, 127 minors and women were subjected to rape in the first three months of 2018.
Below is a breakdown of each draw and a look at the four players with the best chances to advance to the men's and women's finals. Thirteen Wimbledon championships between them and 49 grand slam titles overall, it was quite the historic training run.
However, the club suits him down to the ground and he should settle in quickly, assuming he avoids injury. West Ham have been very active in the summer transfer window and have already made a number of signings.
EPA Head Scott Pruitt Resigns
According to The Washington Post , Pruitt pushed to find his wife a well-paying job with a politically connected group. In fact, he was the subject of multiple congressional and oversight inquiries; he denied wrongdoing in all cases.
Amazon Offers Free Echo Dot Ahead Of Prime Day
In the years since, Prime Day has grown into a shopping extravaganza in its own right, with deep discounts on all kinds of items. Amazon is offering Prime subscriptions in the Netherlands for €3.99 for the first month rising to €5.99 in September.
Starbucks is eliminating plastic straws from all stores
A plastic-straw ban in Seattle , Starbucks' hometown, took effect on July 1 , making it the first major city to take action. A number of local governments have recently passed legislation restricting the use and distribution of plastic straws.
Three Lions Is Officially Number 1 In The UK
Fans had descended at Clapham Junction and were clapping and cheering when the man chose to climb on top of the bus. Police have now confirmed that a woman suspected of having taken part in the vandalism has now been identified.
Eden Hazard lavishes praise on Kylian Mbappe
The diminutive winger is among the most-fouled players in the Premier League and the same has been true at the World Cup as well. Romelu Lukaku has been directly involved in 20 goals in his last 13 games for Belgium in all competitions (17 goals, 3 assists).
Mosquito surveillance in Monona County
Residents should also make sure that their window and door screens are in good fix to prevent mosquitoes from getting inside. Empty buckets, flower pots, old tires from holding water. "That includes any place where there is standing water".
Hartley to miss British GP qualifying after FP3 crash
Hartley was able to walk away from the incident, but the severe damage to his Toro Rosso means he might miss qualifying. The Toro Rosso driver crashed heavily at Brooklands after front left suspension failure pitched him into a spin.