MELANCHOLY GENERATING Facebook plug-in Timehop has admitted that more personal data was swiped than it originally thought, following its recent brush with cyber-buggers.
As we told you earlier in the week, Timehop was attacked on 4 July, saying that names, addresses and phone numbers were 'compromised'.
Now it admits that date of birth and gender info was also taken. It may not sound like much, but knowing your date-of-birth represents another soft security check that could be overcome. After all, how many times are you asked to confirm your date of birth for security reasons?
According to an update to its supremely honest and thorough FAQ, the Timehop team explained: "In our enthusiasm to disclose all we knew, we quite simply made our announcement before we knew everything.
"With the benefit of staff who had been vacationing and unavailable during the first four days of the investigation, and a new senior engineering employee, as we examined the more comprehensive audit on Monday of the actual database tables that were stolen it became clear that there was more information in the tables than we had originally disclosed.
"This was precisely why we had stated repeatedly that the investigation was continuing and that we would update with more information as soon as it became available."
Also buried in there is repeated confirmation that no sensitive data (eg. passwords, bank details etc) was accessed, nor are the memories - the data passed over from Facebook to become a ‘Timehop'.
Timehop is doing its utmost to show how absolutely ruddy sorry it is and denies it is drip-feeding on purpose.
"We recognize this second disclosure creates the sensation that we are releasing information slowly, in a 'drip drip' fashion, to mitigate the potential fallout," it said.
"We can only assure you that this is not the case. If anything, we are deeply embarrassed to have to make this secondary disclosure. We have invited journalists to view the files and get briefed on the response, and we expect they will provide their views independently of ours."
It also confirms that of the 20.4 million names taken, 3.8 million were in the GDPR zone. The figures vary in terms of dates of birth and gender but if the European Commission is watching this unfold, Timehop probably needs to get its chequebook out. This could get pricey. μ
Buy shares in VPNs now
Yes, even the one your wrote while you were steaming drunk
Tens of people inconvenienced