Timehop, an app that uses social media posts to highlight memories, disclosed in a blog post Sunday that a major data breach on July 4 affected 21 million of its users.
According to the blog post, these individuals had some form of personal information — names, email addresses and/or phone numbers — stolen. About 4.7 million users of those affected had a phone number attached to their account. No financial data was stolen.
In addition, encryption keys that allow Timehop to read and show users their social media posts, excluding private or direct messages, were also compromised. "Access tokens" provided to Timehop by other social media sites, such as Facebook and Twitter, were also taken. These tokens identify specific social media accounts and their credentials, similar to how banks use account and routing numbers to send money.
Users will notice they have been logged out of their accounts. Timehop did this as a precaution and users will have to log back in and reauthenticate which social media channels they want attached to their account.
Those who used phone numbers to login into their accounts are encouraged to contact their phone providers.
More information can be found on Timehop's website.