Dear user,
We got reported that we had a data exposure on one of our servers. After some investigations, we can give you more details here.
The data exposure was caused by a misconfiguration on our logging server on Jan. 2020. One security researcher from Texas, US found this misconfiguration and made some researches on that. We immediately corrected this configuration shortly after we got the report.
The logging server is used to store some logging information sent from our apps for diagnostics purpose so we can help our users to solve their problems they met. The exposed data are all from this single server, not from our main databases.
A very small portion of user’s data was exposed.
According to our network activity monitor, there is not evidence shows other people except the researcher and journalist who wrote the report have accessed the data.
However, we do take our responsibility to make sure your data is safe. We are invalidating all of the user’s data since last year even they are not recorded in the logging server, which means even anyone did get the links they won't be able to get the content, so your photos and videos will be safe. Besides this, we're also walking through our whole system to make security improvements.
We're deeply sorry but you may have been affected, please accept our deepest apologies for the worry and inconvenience.
We think there are no actions you need to take, however, if you encounter any problem or need some help about that, please don't hesitate to contact us.
We apologize for those users who may affected. And we will continually keep our best to make your precious data SAFE in TimeHut.
Jason
CEO of TimeHut