A recent security breach has hit 4.6 million Snapchat users, after at least one previous warning of security holes in the company’s computer network.
Online chat service Snapchat has suffered a security breach that led to the public disclosure of 4.6 million usernames and attached phone numbers. The hackers didn’t publish the last two digits of each phone number, providing a layer of privacy protection for the compromised users.
In late December, researchers published Snapchat code that made it possible to match up phone numbers to individual Snapchat accounts. The company was too slow to respond to security issues, and that is when the SnapchatDB hackers took matters into their own hands.
A Snapchat hack lookup solution made by Gibson Security is now available and searches the database by username.
The information was initially posted on SnapchatDB.info, and usernames and phone numbers were publicly listed. Even accounts designated as “private” were exposed using an exploit that has now been patched – and is a painful message Snapchat must discuss with users.
“Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed,” a message on SnapchatDB.info proclaims. “It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does.”
The website has been temporarily removed, but the userbase has been widely mirrored and shared across the world.
User information including full names, Social Security numbers, phone numbers, and banking/credit information is routinely stolen and shared online. U.S. retailer Target had the debit account and pin number information along with credit card numbers of 40 million customers stolen, while the black market for compromised information drastically increases.