Hackers gained access to nearly 5 million Snapchat accounts, posting their usernames and phone numbers to the web New Year’s Eve, according to several reports.
The hackers, identified only by the website name — SnapchatDB.info — told the media they were motivated to publish the file of 4.6 million users’ private information as a way to bring attention to known security flaws in the popular app. They also said that they had kept the last two numbers of each phone number hidden.
SnapchatDB told TechCrunch the following:
Our main goal is to raise public awareness on how reckless many internet companies are with user information. It is a secondary goal for them, and that should not be the case. You wouldn’t want to eat at a restaurant that spends millions on decoration, but barely anything on cleanliness.
The SnapchatDB.info site no longer works, but Mashable published this cached version. Developers also quickly created a tool for users to see if their account was among those compromised: find it here.
Snapchat has not made a statement yet. Just days before, however, the company acknowledged in a blog post that a security group had alerted it to a potential flaw. It “included an allegation regarding a possible attack by which one could compile a database of Snapchat usernames and phone numbers.” (Gibson Security had just warned that a hacker could grab as many as 10,000 Snapchat users’ phone numbers in seven minutes.) Snapchat’s blog said it had recently added new “counter-measures” to combat spam and abuse.
The app lets users send photo or video messages that then disappear within 24 hours — unless someone takes a screenshot.