Home  › Social › Social Media
Hacker

4.6 Million Snapchat Users’ Phone Numbers Posted Online in Protest of Site Vulnerabilities

  |  January 2, 2014   |  Comments

Hackers posted information from over 4.6 million Snapchat user accounts after the firm failed to "adequately address" reports of a security flaw in their system.

Hackers have posted the contact details of over 4.6 million Snapchat users online in a high-profile security incident that underlines the threats facing firms of all sizes for the year ahead.

The hackers posted the information on a website called SnapchatDB.info on Wednesday. At the time of publishing the website had been taken offline and Snapchat had not replied to V3's request for comment on whether a breach had occurred.

TechCrunch reported the owners of SnapchatDB confirmed the hack was done to force Snapchat to fix an ongoing flaw in its security.

"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does," read the statement.

The flaw was reported in late December by Gibson Security. Gibson Security later published the exploit online, claiming Snapchat was not adequately addressing the flaw. The hackers mirrored Gibson Security's sentiment confirming they used the exploit in the attack.

"We used a modified version of Gibson Sec's exploit/method. Snapchat could have easily avoided that disclosure by replying to Gibson Sec's private communications, yet they didn't. Even long after that disclosure, Snapchat was reluctant to taking the necessary steps to secure user data," they noted.

"Once we started scraping on a large scale, they decided to implement very minor obstacles, which were still far from enough. Even now the exploit persists. It is still possible to scrape this data on a large scale. Their latest changes are still not too hard to circumvent."

The hackers moved to stop other malicious users using the leaked information by removing the last two digits of the compromised phone numbers.

Snapchat is a popular photo and video sharing service. It lets users send photos and videos that automatically delete themselves after being viewed. Snapchat is listed as raising $123m in funding since launching two years ago.

Snapchat is one of many communication services hit by hackers in recent days. The Syrian Electronic Army hacked Skype's Twitter and blog, forcing it to post anti-Microsoft messages earlier this week. The breaches are a sign that the number of cyber attacks targeting businesses will continue to grow in 2014.

This article was originally published on V3.

Tags:

ClickZ Live New York Want to learn more?
Attend ClickZ Live New York March 30 - April 1. With over 15 years' experience delivering industry-leading events, ClickZ Live brings together over 60 expert speakers to offer an action-packed, educationally-focused agenda covering all aspects of digital marketing. Register today!

ABOUT THE AUTHOR

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Social newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

A Buyer's Guide to Affiliate Management Software

A Buyer's Guide to Affiliate Management Software
Manage your performance marketing with the right solution. Choose a platform that will mutually empower advertisers and media partners!

Google My Business Listings Demystified

Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.

WEBINARS

Jobs

    • SEO Specialist
      SEO Specialist (Bankrate.com) - New YorkBankrate, Inc. operates a network of personal finance related web sites for consumers.  Our sites provide...
    • Search Manager
      Search Manager (LOYAL3) - San FranciscoThe Role: We are looking for a bright, driven and personable performance-based marketer to join LOYAL3’...
    • Product Manager - Contract position
      Product Manager - Contract position (Wiley Publishing) - HobokenThis position can be located in either Hoboken, NJ or Indianapolis, IN. We are...