Timehop, a smartphone app that helps you celebrate the best moments of the past with your friends, recently admitted to more data leakage because of a data breaches. The company first acknowledged the breach saying that users’ names, email addresses and phone numbers had been compromised.
Later, they added that additional information, including dates of birth and gender, were also leaked. This breach incident occurred when someone accessed a database in Timehop’s cloud infrastructure that was not protected by two-factor authentication. Referencing GDPR, Timehop said: “Although the GDPR regulations are vague on a breach of this type (a breach must be ‘likely to result in a risk to the rights and freedoms of the individuals’), we are being pro-active and notifying all EU users and have done so as quickly as possible. We have retained and have been working closely with our European-based GDPR specialists to assist us in this effort.”
LEARNING TIP: Have a proper data breach response guide in your company, so everybody knows what to do in the event of a data breach.
Read more about data breach responses.