Snapchat is far from anonymous: 4.6 million users have personal info released

By End the Lie

(Image credit: jdlasica/Flickr)

(Image credit: jdlasica/Flickr)

Snapchat, which was thought to be a private messaging app for the iPhone, exposed some 4.6 million users after hackers released a database with apparent Snapchat usernames and partial phone numbers.

Read our latest articles: “Shipping companies remain tight-lipped over NSA reportedly intercepting packages” and “NSA reportedly has backdoor access to iPhone, can remotely activate mic and camera

The exploit that enabled the usernames and phone numbers to be released was reportedly brought to the Snapchat company months ago to no avail.

On Christmas Day, ZDNet reported that Gibson Security, the group of hackers that discovered the exploit, notified Snapchat of the problem in August.

Gibson Security published a security advisory the same month after Snapchat did not respond or take action.

The exploit could have been fixed by “ten lines of code” and would have never appeared “if they followed best practices and focused on security (which they should be, considering the use cases of the app),” Gibson Security said.

In its Christmas release, Gibson Security also alleged that Snapchat’s statements to investors and the press are entirely false.

Two days after the Gibson Security release, the company downplayed the hack and said they “recently added additional counter-measures and continue to make improvements to combat spam and abuse.”

Yet the database, known as SnapchatDB, was still published publicly (though the site was quickly suspended).

The hackers said they made the data available “in an effort to convince the messaging app to beef up its security,” according to Tech Crunch.

“It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal,” SnapchatDB said in a statement. “Security matters as much as user experience does.”

Even after the hackers found the exploit and notified Snapchat, the company only put minor hurdles in place.

“Even long after that disclosure, Snapchat was reluctant to taking the necessary steps to secure user data,” the SnapchatDB release said. “Once we started scraping on a large scale, they decided to implement very minor obstacles, which were still far from enough. Even now the exploit persists.”

The problem apparently remains unaddressed by the company and leaves millions of users exposed.

“It is still possible to scrape this data on a large scale. Their latest changes are still not too hard to circumvent,” the hackers said.

One reader told Tech Crunch that he was able to find “his own number, that of several friends and Snapchat founder Evan Spiegel in the list.”

The SnapchatDB hackers told The Verge that they used a modified version of the exploit published by Gibson Security. Clearly, Snapchat didn’t actually patching the problem.

“Snapchat could have easily avoided that disclosure by replying to Gibsonsec’s private communications, yet they didn’t,” the hackers said.

The SnapchatDB website has been taken down, but it is “not due to legal action,” according to the hackers.

The uncensored database is being offered by the hackers to some who ask, according to The Verge.

Concerned users can use a website by developer Robbie Trencheny to see if their username is included among the 4.6 million.

As of Wednesday morning, Snapchat had not replied to a request for comment from The Washington Post.

As Tech Crunch rightly notes, users should avoid being lulled into a false sense of security about the privacy of their information stored with Snapchat.

We would love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. Please email us at [email protected]

Please support alternative news and help us start paying contributors by donating, doing your shopping through our Amazon link or check out some must-have products at our store.

Top Search Terms Used to Find This Page:

One Response to Snapchat is far from anonymous: 4.6 million users have personal info released

  1. Ria January 1, 2014 at 3:47 PM

    first comment of the year hahah. ok im glad i dont have a snapchat.

    Reply

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Advertise on End the Lie


Would you like to have your business or service exposed to thousands of people every day here at End the Lie? We have a wide variety of options available all at unbeatable prices. At the same time you will be supporting a truth-oriented alternative news outlet as well as hardworking independent journalists across the United States and the world.

If you would like to know more please email us and please be sure to include the details of what you are advertising, what your budget is and what type of advertising format you are looking for, including size(s), length of advertising period and any other pertinent details. The more information you give us, the more accurate the quote will be. We might also be able to work out some unique advertising tailored to your needs so feel free to contact us with questions and ideas.

Note: our advertisers have absolutely no input in what we cover or how we cover it. If this is problematic, you might want to seek out another news outlet. Here at End the Lie we put the truth first and thus no sponsor will be able to control our content. We reserve the right to refuse service to anyone and we will not advertise pornography or anything which might otherwise be illegal.