A little more than a week after information on a weakness within Snapchat’s security was highlighted, the service has been hacked and details on usernames and their phones numbers, numbering at 4.6 million, have been published online.
Luckily the published numbers don’t contain the last two digits, as they have been censored, and it isn’t clear how legitimate the data is, but it is definitely a severe security weakness that Snapchat should address. It also definitely didn’t help having the details of this weakness published by Gibson Research. They claim they did so because they had brought this information to Snapchat privately, but were essentially ignored, and thought that more drastic measures were needed.
Snapchat.db, the site that published the user names and numbers, has been suspended, but the information is still available online. According to those that ran the site, “for now, we have censored the last two digits of the phone numbers in order to minimize spam and abuse. Feel free to contact us to ask for the uncensored database. Under certain circumstances, we may agree to release it.”