Skip to main content

Millions of accounts compromised in Snapchat hack

Doug Gross, CNN
STORY HIGHLIGHTS
  • A hacker group says it accessed info for 4.6 million Snapchat users
  • The group, SnapchatDB, urged the app to tighten security
  • They said the last two digits in phone numbers were blurred
  • Snapchat lets users share photos and videos

(CNN) -- Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download.

The data were posted to the website SnapchatDB.info. By late Wednesday morning, that site had been suspended.

The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds.

"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does," the hackers said in a statement to technology blog TechCrunch.

Millions compromised in Snapchat hack
Snapchat's $3 billion blunder?

In the statement, the hackers said they blurred the last two digits of the phone numbers they posted but were still considering whether to post more with the full number visible.

By Wednesday afternoon, developers had used the data to set up a website letting Snapchat users find out whether their accounts had been compromised.

Snapchat did not immediately respond to a message seeking comment.

Last week, Gibson Security -- a group of "white hat" hackers, meaning they don't exploit the security gaps they find -- published what they said was code that would enable such a hack. The SnapchatDB group said Snapchat implemented "very minor obstacles" after that.

"We know nothing about SnapchatDB, but it was a matter of time til something like that happened," Gibson Security wrote Wednesday on its Twitter account. "Also the exploit works still with minor fixes."

In a blog post Friday, Snapchat appeared to minimize the potential damage from such a hack, claiming that it would require a "huge set of phone numbers, like every number in an area code," to match usernames to numbers.

"Over the past year we've implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse," the post read. "Happy Snapping!"

ADVERTISEMENT
Part of complete coverage on
December 24, 2014 -- Updated 0254 GMT (1054 HKT)
A decade on from devastating 2004 Indian Ocean tsunami, the Red Cross' Matthias Schmale says that the lessons learned have made us safer.
December 24, 2014 -- Updated 0024 GMT (0824 HKT)
As soon as word broke that "The Interview" will hit some theaters, celebrations erupted across social media -- including from the stars of the film.
December 23, 2014 -- Updated 1844 GMT (0244 HKT)
Did a rogue hacker -- or the U.S. government -- cut the cord for the regime's Internet?
December 24, 2014 -- Updated 0106 GMT (0906 HKT)
Monaco's newborn royals, Princess Gabriella and Crown Prince Jacques Honore Rainier, posed for their first official photos with their parents.
December 23, 2014 -- Updated 1706 GMT (0106 HKT)
Tim Berners-Lee, the man credited with inventing the world wide web, gives a speech on April 18, 2012 in Lyon, central France, during the World Wide Web 2012 international conference on April 18, 2012 in Lyon.
What's next for the Internet? Acclaimed scientist Sir Tim Berners-Lee shares his insights.
December 23, 2014 -- Updated 0822 GMT (1622 HKT)
The United States and North Korea have long been locked in a bitter cycle of escalating and deescalating tensions. But the current cyber conflict may be especially hard to predict.
December 22, 2014 -- Updated 2100 GMT (0500 HKT)
A chilling video shows Boko Haram executing dozens of non-Muslims.
December 22, 2014 -- Updated 1134 GMT (1934 HKT)
New planes, new flight tests ... but will we get cheaper airfares?
December 21, 2014 -- Updated 1746 GMT (0146 HKT)
The killing of two cops could not have happened at a worse time for a city embroiled in a public battle over police-community relations, Errol Louis says.
December 22, 2014 -- Updated 0251 GMT (1051 HKT)
The gateway to Japan's capital, Tokyo Station, is celebrating its centennial this month -- and it has never looked better.
December 20, 2014 -- Updated 1621 GMT (0021 HKT)
Unicef has warned that more than 1.7 million children in conflict-torn areas of eastern Ukraine face an "extremely serious" situation.
December 22, 2014 -- Updated 1701 GMT (0101 HKT)
Each day, CNN brings you an image capturing a moment to remember, defining the present in our changing world.
Browse through images from CNN teams around the world that you don't always see on news reports.
ADVERTISEMENT