Skip to main content

Millions of accounts compromised in Snapchat hack

Doug Gross, CNN
STORY HIGHLIGHTS
  • A hacker group says it accessed info for 4.6 million Snapchat users
  • The group, SnapchatDB, urged the app to tighten security
  • They said the last two digits in phone numbers were blurred
  • Snapchat lets users share photos and videos

(CNN) -- Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download.

The data were posted to the website SnapchatDB.info. By late Wednesday morning, that site had been suspended.

The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds.

"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does," the hackers said in a statement to technology blog TechCrunch.

Millions compromised in Snapchat hack
Snapchat's $3 billion blunder?

In the statement, the hackers said they blurred the last two digits of the phone numbers they posted but were still considering whether to post more with the full number visible.

By Wednesday afternoon, developers had used the data to set up a website letting Snapchat users find out whether their accounts had been compromised.

Snapchat did not immediately respond to a message seeking comment.

Last week, Gibson Security -- a group of "white hat" hackers, meaning they don't exploit the security gaps they find -- published what they said was code that would enable such a hack. The SnapchatDB group said Snapchat implemented "very minor obstacles" after that.

"We know nothing about SnapchatDB, but it was a matter of time til something like that happened," Gibson Security wrote Wednesday on its Twitter account. "Also the exploit works still with minor fixes."

In a blog post Friday, Snapchat appeared to minimize the potential damage from such a hack, claiming that it would require a "huge set of phone numbers, like every number in an area code," to match usernames to numbers.

"Over the past year we've implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse," the post read. "Happy Snapping!"

ADVERTISEMENT
Part of complete coverage on
This looks like a ghost ship, but it's actually the site of a tense international standoff between the Philippines and China.
July 26, 2014 -- Updated 1555 GMT (2355 HKT)
The reported firing of artillery from Russian territory is a sign Vladimir Putin has escalated the Ukraine battle, says CNN's military analyst Rick Francona.
July 27, 2014 -- Updated 0846 GMT (1646 HKT)
The young boy stops, stares, throws ammunition casings at the reporter's feet without a word.
July 27, 2014 -- Updated 1237 GMT (2037 HKT)
A picture taken on June 28, 2014 shows a member of Doctors Without Borders (MSF) putting on protective gear at the isolation ward of the Donka Hospital in Conakry, where people infected with the Ebola virus are being treated. The World Health Organization has warned that Ebola could spread beyond hard-hit Guinea, Liberia and Sierra Leone to neighbouring nations, but insisted that travel bans were not the answer.
The worst ebola outbreak in history spreads out of control in West Africa. CNN's Michael Holmes reports.
July 26, 2014 -- Updated 0048 GMT (0848 HKT)
Sure, Fido is a brown Lab. But inside, he may also be a little green.
July 24, 2014 -- Updated 2006 GMT (0406 HKT)
ITN's Dan Rivers reports from the hospital where those injured by an attack in Gaza were being treated.
July 28, 2014 -- Updated 1303 GMT (2103 HKT)
Photograph of an undisclosed location by Patrycja Makowska
Patrycja Makowska likes to give enigmatic names to the extraordinarily beautiful photographs she shoots of crumbling palaces.
July 23, 2014 -- Updated 0804 GMT (1604 HKT)
When the Costa Concordia and its salvage convoy finally depart Giglio, the residents will breathe a sigh of relief -- and shed a tear.
July 25, 2014 -- Updated 1808 GMT (0208 HKT)
Flight attendants are wearing black ribbons to show solidarity with fallen colleagues in "a tribute to those who never made it home."
CNN joins the fight to end modern-day slavery by shining a spotlight on its horrors and highlighting success stories.
Browse through images from CNN teams around the world that you don't always see on news reports.
ADVERTISEMENT