Snapchat Hack Goes Public, 4.6 Million Usernames and Phone Numbers Published


You might recall that just a couple of days ago a hacker group claimed to have hacked the ever popular social networking application Snapchat. The exploit, which has as of now been fixed, supposedly allowed the hacker group access to the usernames and phone numbers of any user on the network. Snapchat did issue a statement in response to the threat, however it was all but satisfactory–instead they insisted that the threat was “theoretical” and did absolutely nothing to warn users that their data was in any way unsafe. Unfortunately for Snapchat’s users, however, the hack has now been proven very real as the hacker group has gone public with the data they stole from the service.

Around 4.6 million usernames and phone numbers were earlier today published on the site SnapchatDB.info. Though the site appears to have been taken offline, as we should all know by now nothing is truly ever deleted from the internet, especially not something as potentially valuable as this – expect to see these names and numbers appear on your favorite BitTorrent tracker any second now. Fortunately (if you could say that) SnapchatDB has censored the last two digitals of all telephone numbers, so if you’re one of the users now at risk because of this attack would be spammers will still need to do a little bit of extra work in order to get your full number – but that’s hardly any consolation to me.

Screenshot courtesy of TechCrunch.

If you want to know whether your username and number was exposed due to the attack, members of the community have already begun working on tools in order to help identify victims more easily. Developer Robbie Trencheny has created a new site dubbed “Snapchat checker” that allows you to put in your username which will then be checked against the leaked information. If your username was found to be leaked, the site will let you know.

A bad situation all around, to be sure. SnapchatDB claimed to TechCrunch that all of this could have been avoided if Snapchat had replied “to Gibsonsec’s private communications, yet they didn’t.” At the end of the day, we as users of these services need to be aware of who exactly we are entrusting our sensitive information to, and that information should be guarded and protected at all costs – even if that includes admitting that you’ve made a mistake, as Snapchat has surely done in the way that its handled (or not handled, more truthfully) this situation.