In July 2018, Timehop, a small cloud-based company that retrieves old social media content for users as part of what it calls the “digital nostalgia” category, reported that its database of 21 million users had been breached. About 4.7 million records were stolen with information that included user names, email addresses, and phone numbers.
According to the company’s incident response team, the cause of the security breach could be traced to the fact that there was no multifactor authentication required to access its cloud computing environment. The company has since updated its cybersecurity protocols to include multifactor authentication, but that is little comfort to the 4.7 million users who have had their sensitive personal information stolen by unknown individuals.
While the benefits of cloud computing for enterprises, employees, and customers in terms of convenience, performance, scalability, and overall cost can’t be denied, those benefits come with a certain amount of inherent risk. To mitigate that risk, all stakeholders should embrace a corresponding level of cybersecurity procedures and protocols, including multifactor authentication.