Oh serviceman, look at those old app icons !

Image: raymond wong/ mashable

If you’re a Timehop customer, we’ve got some really bad news. The app, which reminds you of your past social media posts, says it was spoofed on July 4.

Timehop says some 21 million useds are affected by the data infraction, which exposed information such as reputations, email addresses, and phone numbers.

In a company blog pole, Timehop tells although women learned of the hacker while it was happening and was able to interrupt it, “data was taken.”

The cause of the hacker: Apparently, the company’s shadow computing account wasn’t protection of multi-factor authentication. Timehop reads it’s beefed up its security since the incident.

( Now’s a good time to remind you to set up two-factor authentication, aka 2FA, to protect your data for any apps and works that support it. There’s genuinely no reason not to .)

Timehop suggests the “keys” that are used to link your social media chronicles to the app were violated. As a answer, the company’s logged all users out of the app to reset the keys. Customers will need to log back into all their accountings to re-link them.

“Timehop has never stored your credit card or any business data, orientation data, or IP address; we don’t store two copies of your social media profiles, we distinguish user message from social media content — and we delete our two copies of your “Memories” after you’ve seen them.”

Your social media content is safe

Aside from the aforementioned refers, email, address, and phone number, it performs all other data is safe.

“No private/ direct senses, financial data, or social media, or photo material, or Timehop data including stripes were affected, ” the blog post states.

Additionally, the company pronounces no social media affixes were accessed by the interlopers. That encompasses any data from third-party services you may have linked to Timehop, such as Facebook, Instagram, Twitter, Google Photos, Swarm, Dropbox, etc.

How to protect your potentially plagiarized phone number

There are two ways to log into Timehop: with a Facebook account or your phone number.

If, like me, “youre using” Facebook to log into the app, your phone number is safe.

“FB’s API wouldn’t have given a phone number to us , nor would it allowed the purposes of applying a telephone number to access anything, ” Rick Webb, Timehop’s COO, confirmed to Mashable over email. “On top of that, the signs were invalidated before used.”

However, if you use your phone number as your sign-in, then it’s been embezzled by the hackers and you’ll want to take extra measures to protect it from being ported. As 9to5Mac documents, ported figures could be used to obtain 2FA systems for bank accounts.

“Those who use a phone number as a login had their phone number endangered, but it is unrelated to their FB credentials, ” Webb said.

Timehop suggests of the 21 million accounts that are affected by the hacker, about 4.7 million of them have a phone number attached to them.

Here’s what Timehop recommends doing if you use your phone number as your login 😛 TAGEND

If AT& T, Verizon, or Sprint is your provider, this is accomplished by contributing a PIN to your detail. Witness this article for additional information on how to do this.

If you have T-Mobile as your provider, call 611 from your T-Mobile device or 1-800-937-8997 and ask the customer care representative to assist with restriction portability of your phone number.

For all other providers, please contact your cell carrier and ask them how to limit porting or contribute protection to your account.

Should you be worried?

Maybe.

Even though Timehop has increased its security, the plagiarized data could still surface online. If your note is altered, make sure you keep an eye out for any suspicious activity.

Timehop even urges there’s a good chance the embezzled data could surface( emphasis ours ):

Timehop has retained the services offered of a well established cyber threat intelligence firm that has been endeavouring evidence of use of the mailing address, phone numbers, and honours of users, and while nothing have appeared to date, it < strong> is a high likelihood that they soon will appear in gatherings and be included in inventories that run on the Internet and the Dark Web .

If you don’t use Timehop , now’s a good time to either remove your chronicle or de-authorize any related social media reports. Both can be done from within the app’s lays page.

Read more: http :// mashable.com /