Snapchat data leak: 4.6M usernames, numbers revealed
MANILA, Philippines – In an effort to make photo-sharing application Snapchat enhance its security, someone attempted a direct approach to gaining the company's attention, putting up a website that reveals 4.6 million accounts' saved usernames and phone numbers.
The site, SnapchatDB.info, says it acquired the information "through the recently patched Snapchat exploit" and is sharing it with the public "to raise awareness on the issue."
The exploit, mentioned in a ZDNet report on December 25, says that security researchers Gibson Security published information pertaining to undocumented developer hooks, as well as code for two exploits. These exploits would allow the mass matching of phone numbers with names, as well as the mass creation of fake accounts.
SnapchatDB adds that Snapchat "was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it."
TechCrunch reports that a member of its editorial team was affected by the hack, lending credence to this being more than a hoax. The Next Web adds that a WHOIS lookup of SnapchatDB's domain shows it was made on December 31, with a Panama mailing address and contact number.
Users can use the following website to confirm if their user information was taken due to this intrusion.
Snapchat is an app that lets users take and edit photos and video and send them to specific recipients. The media sent can be set to have a time limit, after which it will be hidden from the receiving device and taken off Snapchat servers. – Rappler.com