If you use photo-sharing application Snapchat, hackers likely captured your phone number and username. Millions of Snapchat users throughout the U.S. and Canada were exposed to a leak caused by a major security hole in the application. A database containing 4.6 million phone numbers and usernames was posted on: http://www.snapchatdb.info/ however as of this writing, it appears that the site has been suspended.
The leak was conducted and exposed to “raise awareness on the issue,” because the hackers say that Snapchat took no steps to fix the exploit, which they and app users were aware of. The hackers released a statement saying:
“The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it. Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does.”
The anonymous hackers reported that the last two digits of the leaked phone numbers were censored “in order to minimize spam and abuse.” However they say that people can contact them for the uncensored version of the database, which they will release “under certain circumstances.” They also suggest searching for matching Facebook and Twitter accounts to determine the phone numbers because “people tend to use the same username around the web.”
Lessons Learned
The take-home message for users is that you should select different usernames and passcodes for the applications you use. Otherwise, hackers and cybercriminals can use your stolen information on a variety of your accounts. And the take-home message for applications like Snapchat is to ensure users’ secure information is totally protected and to repair any and all security holes in the application, or you risk losing your entire customer base.
Leave a comment!