Timehop was an app that would scrape your social media and "remind" you of anniversaries at a later date.
As such, it had to have permission to access your social media.
Well, it got hacked. (Well, maybe I shouldn't say it got hacked, since that implies some intelligence and sophistication on the part of the attackers. Actually, Timehop was just careless about passwords.)
Which means that someone has your passwords. Well, access tokens, anyway. (If you ever used Timehop, that is.)
Do you really need to give that app access to your accounts? (Not just Timehop, of course. Lots and lots and lots of apps ...)
Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413
This message may or may not be governed by the terms of