Timehop data breach may have compromised 21 million email addresses

what facebook users should know about cambridge analytica and privacy mobile v1

Names and email addresses of as many as 21 million Timehop users may have been compromised as a result of a data breach that occurred on July 4. Timehop, a service that aggregates old photos and posts from various social media accounts — including Facebook, Instagram, Twitter, Google Photos, and Dropbox — discovered the attack on its service as it was unfolding, but it took several hours for the company to contain the breach.

“On July 4, 2018, the attacker(s) conducted activities including an attack against the production database, and transfer of data,” the company revealed a few days following the breach. “At 2:43 pm U.S. Eastern Time the attacker conducted a specific action that triggered an alarm, and Timehop engineers began to investigate. By 4:23 p.m., Timehop engineers had begun to implement security measures to restore services and lock down the environment.”

Timehop’s initial investigation revealed that no user content was compromised as a result of the breach. Engineers deactivated keys that linked Timehop’s service with other social media platforms as a response, so users will have to re-authenticate with those services. Still, in addition to names and email addresses, as many as 4.7 million phone numbers may have also been exposed as a result of the attack, TechCrunch reported.

“While we were confident that the access keys to those services had not been used, we felt that potential exposure of that content urgently justified a service interruption to ensure that attackers could not, for example, view personal photos,” the company said. “Through conversations with the information security, engineering, and communications staff at these providers, we were able to deactivate the keys and confirm that no photos had been compromised.” Timehop further noted that these tokens would not have given anyone access to private information, such as Facebook Messenger messages or Twitter Direct Messages.

According to the company, the first stage of the attack occurred on December 19, 2017 when an unauthorized user obtained the credentials of an administrative user to create a new administrative-level account. The attacker was able to do this because the original administrative account was not protected by multi-factor authentication, and Timehop has since taken steps to secure accounts to prevent another similar attack from happening. The attacker used the newly created administrative account to log into Timehop’s servers in March and June, with the attack taking place in July.

Although the attacker may have had access to some of your social posts on Facebook, Instagram, and Twitter, Timehop informed users that “there was a short time window during which it was theoretically possible for unauthorized users to access those posts.” Despite the security breach, Timehop maintains that it found “no evidence that any accounts were accessed without authorization,” and it claims that because it pulls only the data that it needs for the service, it was able to minimize a potentially larger exposure.  Timehop has notified law enforcement about the breach and retained the services of a cybersecurity agency to monitor the dark web to ensure that user data doesn’t get leaked.

Social Media

Facebook says it unintentionally uploaded email contacts of 1.5 million users

Facebook says that over the last two years it unintentionally uploaded the email contacts of 1.5 million users as they signed up to the social networking service. The process has ended and the email addresses are being deleted.
Movies & TV

Clip from John Wick: Chapter 3 confirms the dog is totally fine

John Wick: Chapter 3 — Parabellum, the third installment of the wildly successful action series that stars Keanu Reeves as a deadly assassin forced out of retirement, hits theaters in May 2019. Here's everything we know about it so far.

Samsung Galaxy S10 update gives manual control of Bright Night mode

Samsung 2019 flagship smartphone lineup is here, and there aren't just two phones as usual — there are four. There's the Galaxy S10, S10 Plus, as well as a new entry called the S10e, as well as the Galaxy S10 5G.

Microsoft says hackers were able to view Outlook.com emails

Microsoft's Outlook.com email platform saw a massive breach that caused confidential data to be accessed by hackers for months. It now appears the problem might have been much worse than initially thought, and worse than Microsoft admitted.

AMD Ryzen CPU prices get slashed ahead of Ryzen 3000 release

AMD's Ryzen CPUs have had their prices slashed as we edge towards the release of their third generation. Whether you're a gamer or someone who needs multi-threaded performance, there's a deal for everyone with some heavy discounts to take…

The number pad on HP’s Chromebook 15 makes spreadsheet work a breeze

HP's Chromebook 15 comes with a 15.6-inch display, a metal keyboard deck with full-size keys, and a dedicated number pad, making it the second Chromebook model, following Acer's Chromebook 715, to be suited for spreadsheet work.

AMD’s 2020 Ryzen CPUs could have a big boost in power efficiency

The sequel to AMD's Zen 2-based Ryzen 3000 CPUs is slated for a 2020 release and when it arrives, could leverage the new Zen 3 architecture to deliver impressive gains to performance and power efficiency.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.

Here's how you can download the best free music players for your Mac

Tired of your Mac's default music player? Take a look at our picks for the best free music players available for your Apple rig. Whether you're a casual listener or an audiophile, you're sure to find something that fits your needs here.

Want to make calls across the internet for less? Try these great VOIP services

Voice over IP services are getting more and more popular, but there are still a few that stand above the pack. In this guide, we'll give you a few options for the best VOIP services for home and business users.

Transform into the ultimate leader with our tips and tricks for Civilization 6

Civilization VI offers both series veterans and total newcomers a lot to chew on from the get-go. Here are some essential starting tips to help you master the game's many intricacies.

The iPhone’s Screen Time and Siri Shortcuts could land on Macs this year

For its desktop computers, it appears that Apple may continue to draw from the iPhone for inspiration. iOS 12 features, like Screen Time and Siri Shortcuts, are believed to be making their way to MacOS this year at WWDC in June.

Dell slashes prices of XPS 13 and Alienware 17 laptops in latest promo

Dell's latest promotion will score you big savings on the XPS 13 or the Alienware 17. The stylish XPS 13's discount is for $430, and only the rose gold model is on sale, while gamers who choose the Alienware 17 will save $860.