Posted: Tuesday, December 11, 2018
The lack of multi-factor authentication helped criminals to steal usernames, email addresses, social media tokens and 4.7 million phone numbers from 21 million users of social media app Timehop. The app, based in the cloud, resurfaces old photos and posts by connecting to your social media profiles. “Access tokens”, which are allocated to Timehop by social media providers, were also taken and could allow criminals to view a range of social media posts without permission.
Multi-factor authentication is the process of confirming your identity in two different ways before access is granted to an account or service, such as a PIN or password, a secondary device such a key fob or card reader, or via biometric data such as a fingerprint. We recommend that all our clients implement a multi-factor authentication process to help protect they IT systems and data.