Skip to main content

Millions of accounts compromised in Snapchat hack

Doug Gross, CNN
STORY HIGHLIGHTS
  • A hacker group says it accessed info for 4.6 million Snapchat users
  • The group, SnapchatDB, urged the app to tighten security
  • They said the last two digits in phone numbers were blurred
  • Snapchat lets users share photos and videos

(CNN) -- Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download.

The data were posted to the website SnapchatDB.info. By late Wednesday morning, that site had been suspended.

The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds.

"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does," the hackers said in a statement to technology blog TechCrunch.

Millions compromised in Snapchat hack
Snapchat's $3 billion blunder?

In the statement, the hackers said they blurred the last two digits of the phone numbers they posted but were still considering whether to post more with the full number visible.

By Wednesday afternoon, developers had used the data to set up a website letting Snapchat users find out whether their accounts had been compromised.

Snapchat did not immediately respond to a message seeking comment.

Last week, Gibson Security -- a group of "white hat" hackers, meaning they don't exploit the security gaps they find -- published what they said was code that would enable such a hack. The SnapchatDB group said Snapchat implemented "very minor obstacles" after that.

"We know nothing about SnapchatDB, but it was a matter of time til something like that happened," Gibson Security wrote Wednesday on its Twitter account. "Also the exploit works still with minor fixes."

In a blog post Friday, Snapchat appeared to minimize the potential damage from such a hack, claiming that it would require a "huge set of phone numbers, like every number in an area code," to match usernames to numbers.

"Over the past year we've implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse," the post read. "Happy Snapping!"

ADVERTISEMENT
Part of complete coverage on
updated 11:50 AM EDT, Tue September 30, 2014
Experts believe that ISIS may be using a Spanish enclave to bring jihad to Europe.
updated 9:00 AM EDT, Tue September 30, 2014
With an efficient subway, inexpensive taxis and a good public bus system, Hong Kong is normally an easy city to navigate ...
updated 7:32 PM EDT, Sun September 28, 2014
CNN's Ivan Watson was in the middle of a pro-democracy protest in Hong Kong when things got out of hand.
updated 4:12 PM EDT, Tue September 30, 2014
The world's animal population has halved in 40 years as humans put unsustainable demands on Earth, a new report warns.
updated 8:49 AM EDT, Tue September 30, 2014
Every day, refugees and migrants risk their lives as they seek a new life. Now, a new report puts a figure to the number of victims.
updated 10:42 AM EDT, Tue September 30, 2014
Mainstream commentators must promote positive role models to Muslims feeling victimized, writes Ghaffar Hussain.
updated 2:13 AM EDT, Mon September 29, 2014
Two men familiar with inside knowledge of ISIS speak with CNN's Arwa Damon.
Explore CNN's interactive that explains ISIS' roots, what it controls, and where its support comes from.
updated 4:10 PM EDT, Thu September 25, 2014
In his first-ever interview as the Emir of Qatar, Sheikh Tamim bin Hamad Al-Thani defended his country against allegations of funding terrorism.
updated 11:03 AM EDT, Sat September 27, 2014
The North Korean leader hasn't been seen for weeks, leading to speculation that he is in poor health.
updated 9:54 PM EDT, Tue September 23, 2014
Haider al-Abadi hopes airstrikes don't lead to "of another terrorist element" instead of ISIS.
updated 9:19 AM EDT, Thu September 25, 2014
The United States couldn't do it on its first try. Neither could the Soviets.
updated 11:29 AM EDT, Wed September 24, 2014
CNN's Nima Elbagir reflects on a harrowing trip to Liberia where she covered the deadliest Ebola outbreak in history.
updated 10:23 AM EDT, Fri September 26, 2014
Contrary to public opinion, rats can actually save lives -- Apopo's rats have actually saved thousands.
updated 9:36 AM EDT, Tue September 30, 2014
Each day, CNN brings you an image capturing a moment to remember, defining the present in our changing world.
Browse through images from CNN teams around the world that you don't always see on news reports.
ADVERTISEMENT