Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Tech News > Exploit leads to Snapchat hack, 4.6M usernames, numbers published

Exploit leads to Snapchat hack, 4.6M usernames, numbers published
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Jan 1, 2014, 04:54 PM
 
A flaw in ephemeral messaging service Snapchat's API has been exploited, and the phone numbers and usernames of some 4.6 million users are now on a site called SnapchatDB.info. The Washington Post reported on Wednesday on the hack, noting that Snapchat users can look up whether their accounts are among the affected by going to this site. The API vulnerability was publicized last week, and Snapchat later stated that it had made the hack "more difficult to do" in response.

The hackers, though, still managed to access millions of user accounts. In a statement to TechCrunch, SnapchatDB said the hack was accomplished using a modified version of the previously publicized method. The hackers' motivation, though, was to increase security.



"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does."

Snapchat DB apparently censored the last two digits of the hacked phone numbers in order to minimize spam and abuse.

While it did reveal no small amount of user information, the breach did not affect Snapchat's primary function. The service allows users to send image and video messages that self-delete a few seconds after they are opened. Security experts, though, say that coded scripts harvesting user data could "automatically build profiles about users, which could be sold for a lot of money."
     
Fresh-Faced Recruit
Join Date: Sep 2004
Status: Offline
Reply With Quote
Jan 2, 2014, 07:48 AM
 
I guess they should have taken that $3 Billion that Facebook offered them. Now, this exploit makes the service worth far less. D'oh!
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 12:49 PM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2