A Timehop data breach has struck one of the most popular apps, which is designed to unearth old posts from its users’ social media apps.

Here are seven things you should know about the incident:

• The Timehop data breach reportedly took place on July 4th, according to a statement released by the company on Sunday.
• The data of approximately 21 million users was stolen by the hacker, including names, email addresses and some phone numbers.
• The hacker reportedly entered the company’s cloud computing account because it wasn’t protected by multifactor authentication, which is considered to be essential to ensuring the security of data in today’s day and age.
• The hacker then transferred data and attacked Timehop’s production database.
• The company said that it noticed the breach two hours after it started and was able to interrupt it, but not before user data was stolen.
• There is some user information that was not affected, including private messages, financial data, social media content and Timehop data.
• The hacker begun accessing Timehop’s cloud computing account by entering an admin user’s credentials back on December 19th last year and created a new admin account. They then logged in twice in December, once in March and once in June to survey the company’s cloud data, but the attack wasn’t carried out until July 4th.