Timehop, which resurfaces old Facebook posts, says hack breached data of 21 million users

Ben Tobin | USA TODAY

Timehop, the company behind an app of the same name which shows what you posted on social media in previous years, said it “experienced a network intrusion” on July 4 impacting 21 million of its users.

In a blog post published Sunday, the company said that it disrupted the hacking effort, but the breach still compromised data including email addresses, names and phone numbers.

According to the company, the thieves could have carried out the breach by tapping into Timehop’s "access tokens," which allows the app to link to social media sites. However, the company has emphasized that there is “no evidence of, and no confirmed reports of, any unauthorized access of user data through the use of these access tokens.” The company has since terminated the tokens.

Timehop also said no private/direct messages, financial data, photos or social media posts were accessed by the hackers. To ensure user security, the company said it invalidated all API credentials, meaning users will have to log in again to Timehop and re-authenticate each service they want to use on the app.

The company is advising users “take additional security precautions” with their cellular providers to avoid porting – a process by which hackers can gain control of one’s phone services and use it to get past added security measures on financial accounts and logins.

Timehop is currently working with local and federal enforcement officials to investigate the security breach.

Founded in 2011, Timehop collects old posts social media sites like Facebook, Twitter and Instagram and resurfaces them on the same day of original posting.

Follow USA TODAY intern Ben Tobin on Twitter: @TobinBen