Snapchat Users Unhappy, Hackers Soon To Expose 4.6 million Phone Information
Snapchat security concerns and privacy related problems don’t seem to end for the time
being. A few days ago a security research group had claimed to found vulnerability in the
Snapchat’s messaging services which could allow the cyber hackers and attackers to match
the phones numbers with their respective Snapchat accounts. Now hackers had made their
way through that loop hole and they had started posting online the phone numbers paired
with the users names of more than 4.6 million Snapchat users.
An Independent Website Bent Upon Revealing the Hacked Data
The website in question is called ‘SnapvhatDB.info’ which had saved usernames and phones
numbers of millions of Snapchat account and making the information available for the
download. This website had since been suspended by the hosting service. This website seems
to have been created in response to recently identified flaws in Snapchat’s security.
SnapchatDB.info had said in post on its website that the information was acquired through
the recently patched Snapchat exploit and they are about to release this information in order
to raise public awareness on this issue. It had accused the Snapchat of being too reluctant in
patching the exploit and by the time they knew about it was too late. It further stresses that
the companies which people trust with their private information should certainly be more
careful while dealing with it.
A little Bit Of Relief For Snapchat Users
The hackers had gave little bit of relief to the Snapchat users by stating that they
had ‘censored’ the last two digits of the phone numbers for the time being in order to
minimize spam and abuse. It also encourages the people to contact them for the uncensored
database which they might agree to release under specific circumstances.
Snapchat Introduces Additional Counter Measures
Gibson Security had earlier published a proof-of-concept code which takes the advantage of
the ‘find_friends’ feature in Snapchat’s API (Application Programming Interface) to iterate
and match the phone numbers with Snapchat accounts in short time. Hackers had taken the
very same route to extract the phone numbers and other information.
Snapchat had said that the hackers aren’t successful in their attempt in order to soothe their
users. Snapchat states that matching the phone number and users names and placing that
information in a database in only possible ‘theoretically’. Snapachat had over the year had
implemented various safeguards to make it difficult. It has also added additional counter-
measure and they are continuously making improvements to combat spam and abuse.
Your Username Matters A Lot
The Gibson Security and SnapchatDB both makes it clear to the unsuspicious Snapchat users
that the ephemeral feature of the messaging services is not a safeguard against the privacy. It
would certainly be a big mistake to be lulled by the sense of security about the information
stored on the Snapchat app. SnapchatDB has also stated that people tend to use the same
username on the web, therefore their leaked information could even be used to find phone
number information associated with Facebook and Twitter accounts.