Wednesday, January 1st, 2014
Happy New Year to all our beloved customers!
Barely a day into this new year, and we have reports of a massive security breach of popular social media network Snapchat. The loopholes enabling this exploit was found months ago by mysterious company Gibson Security who, on Christmas Eve, released the API along with 2 scripts enabling this security exploit.
Gibson Security claims to have done this because Snapchat had not fixed any of the exploits found and reported in August. Shortly after releasing the API and scripts, Snapchat responded in a blog post, saying ‘We recently added additional counter-measures and continue to make improvements to combat spam and abuse.’
Today a website called SnapchatDB now claims to have the username and phone numbers of 4.6 million Snapchat users, and is allowing downloads of the entire database (Thankfully the last two numbers of all numbers are blurred out). The uncensored database may be released, but only ‘under certain circumstances’.
This seems to be someone who simply took advantage of the information provided by Gibson Security, but there’s no telling if more nefarious parties have also accessed and obtained the same data. Guess one new year resolution should be to avoid Snapchat! Or just pay more attention to the security of your social media / communications platform of choice.
Oh, and if you want to check your username against the database, there’s a script to do so, here: http://robbiet.us/snapchat/