Timehop revealed that its security was breached and that the data of 21 million users was compromised.
The company behind the app -- which shows what you shared, tweeted or Instagrammed were taken.-- said it fought off a "network intrusion" on July 4, but the names, email addresses and some phone numbers of its users
About 4.7 million of those accounts had a phone number attached to them.
Timehop noted that none of its "memories" (the social media posts and photos the app stores) were accessed.
However, the access tokens that allow the app to link with social media sites such as Facebook, Twitter and Instagram were compromised, potentially allowing the thieves to view social media posts.
The company says it has no evidence that any unwanted viewing actually happened, but it has deauthorized all of the compromised tokens.
As a result of the breach, you'll have to log back into Timehop next time you load up the app and reauthenticate each service you want to use with it.
Timehop recommends that if you had a phone number attached to an account, you should take extra steps to ensure that the number isn't ported. In the worst case scenario, hackers could.
Depending on the provider, adding a PIN to the account can secure the account. In other cases, the provider can limit limit the number's portability.
The company said it has notified all EU users in accordance with the, or GDPR.
The security breach was possible because an access credential to Timehop's cloud computing environment hadn't been protected by multifactor authentication, but the company says it is now.
Twitter had no comment on the breach.
Neither Timehop nor Facebook immediately responded to requests for comment.
: A shift is coming.
: That's good, because the last update was during the George W. Bush administration.