Personal details of 4.6 million Snapchat accounts have been hacked and posted online. The hugely popular photo-sharing app has been targeted by hackers looking to shame Snapchat — and by extension, other apps and companies — into improving security, with experts warning “everyone is still at risk.”
Hackers created a website called SnapchatDB that publicly displayed the usernames and details of millions of users, but mercifully spared the last two digits of the phone numbers. To crack the data, the hackers exploited a loophole recently identified by security company Gibson Security.
“Our motivation behind the release was to raise the public awareness around the issue,” the hackers told TechCrunch, “and also put public pressure on Snapchat to get this exploit fixed.”
Gibson Security, which identified the exploit but was not involved in the hack, told me, “The exploit still works with minor modification and everyone is still at risk. Snapchat need to improve their response and handling of security situations such as these, as well as audit and rate limit (correctly) their API.”
Snapchat is a messaging service that lets you send a photo to a friend’s phone — which then deletes itself 10 seconds after it’s received. By the end of last year the service was sharing 150 million photos in a day, more than three times the number of pictures shared on Instagram. Snapchat has become popular among younger phone owners, and, inevitably, is often used to exchange saucy snaps — which could lead to embarrassment after the service also admitted it’s “sometimes possible” to recover deleted photos.
For more on staying safe online, whether you need help with a problem, you want to talk to someone or just find out more, there are lots of places you can get help — check out Childline or Think U Know who can help out or answer your questions. And parents can find out more about Snapchat in the app’s parents’ guide.
Has privacy disappeared like a deleted photo, or should Snapchat and other services make it a priority? Share your thoughts in the comments or on our Facebook page.