Snapchat users found their data exposed when hackers downloaded the usernames and phone numbers of 4.6 million accounts.
The stolen information was placed on the now-suspended http://www.snapchatdb.info/. Although the hackers censored the last two digits of every phone number, they offered the possibility of access to an uncensored list under certain circumstances.
Snapchat, the real-time picture chatting app for iPhone and Android, lets users share photos and videos that disappear after a few seconds. As the files delete themselves after being viewed, it gives some reassurance to the user that their images are not being stored.
Although Snapchat offers users tips for safety and security when using the app, Snapchat ignored vulnerabilities in their app, pointed out by Gibson Security.
Snapchat responded in a blog, highlighting that “over the past year we’ve implemented various safeguards to make it more difficult to” create a database matching usernames and numbers.
Following the hack, Gibson Security tweeted “we know nothing about SnapchatDB, but it was a matter of time til something like that happened. Also the exploit works still with minor fixes”.
As social media continues to grow as a platform for personal and professional interaction, will this hack encourage greater app security in 2014?
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
comments powered by Disqus