Skip to main content

Millions of accounts compromised in Snapchat hack

Doug Gross, CNN
STORY HIGHLIGHTS
  • A hacker group says it accessed info for 4.6 million Snapchat users
  • The group, SnapchatDB, urged the app to tighten security
  • They said the last two digits in phone numbers were blurred
  • Snapchat lets users share photos and videos

(CNN) -- Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download.

The data were posted to the website SnapchatDB.info. By late Wednesday morning, that site had been suspended.

The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds.

"Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does," the hackers said in a statement to technology blog TechCrunch.

Millions compromised in Snapchat hack
Snapchat's $3 billion blunder?

In the statement, the hackers said they blurred the last two digits of the phone numbers they posted but were still considering whether to post more with the full number visible.

By Wednesday afternoon, developers had used the data to set up a website letting Snapchat users find out whether their accounts had been compromised.

Snapchat did not immediately respond to a message seeking comment.

Last week, Gibson Security -- a group of "white hat" hackers, meaning they don't exploit the security gaps they find -- published what they said was code that would enable such a hack. The SnapchatDB group said Snapchat implemented "very minor obstacles" after that.

"We know nothing about SnapchatDB, but it was a matter of time til something like that happened," Gibson Security wrote Wednesday on its Twitter account. "Also the exploit works still with minor fixes."

In a blog post Friday, Snapchat appeared to minimize the potential damage from such a hack, claiming that it would require a "huge set of phone numbers, like every number in an area code," to match usernames to numbers.

"Over the past year we've implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse," the post read. "Happy Snapping!"

ADVERTISEMENT
Part of complete coverage on
updated 2:26 AM EDT, Thu April 24, 2014
A year ago, 1,000 garment workers died in the collapse of Rana Plaza building in Bangladesh. Here's a look at what has changed since then.
updated 12:53 AM EDT, Thu April 24, 2014
Focus is on the fish as U.S. President starts tour with visit to legendary Tokyo restaurant.
updated 1:23 PM EDT, Wed April 23, 2014
Fireworks are fantastic and human endeavor has its place, but sometimes Mother Nature outshines any performance we can produce.
updated 11:06 PM EDT, Wed April 23, 2014
In 1987, China sent its very first email. Here's what it said,
updated 10:13 PM EDT, Wed April 23, 2014
The world's new fastest elevator will fling you from earth to the 95th floor before you're done reading this article.
updated 4:12 PM EDT, Wed April 23, 2014
In one U.S. state, a new bill will allow ordinary citizens to carry guns in all sorts of places. Does it make you feel safer?
updated 10:10 AM EDT, Mon April 21, 2014
In South Korea, volunteer divers are risking their lives to rescue victims of the sunken ferry.
updated 3:15 PM EDT, Wed April 23, 2014
Park Jee Young, 22, helped passengers escape as the Sewol ferry sank -- giving out life jackets while refusing to wear one herself.
updated 12:43 PM EDT, Tue April 22, 2014
What did outgoing manager David Moyes get wrong in his six months with English Premier League football team Manchester United?
updated 1:36 PM EDT, Wed April 23, 2014
In honor of Shakespeare's birthday, here are 15 of the world's most amazing theaters.
updated 1:34 PM EDT, Tue April 22, 2014
CNN exclusive: Australian officials are hammering out a new agreement for widening the Flight 370 search area.
updated 8:28 AM EDT, Tue April 22, 2014
Malaysian officials sent to brief Chinese families are armed with little to no information.
updated 11:45 AM EDT, Tue April 22, 2014
When a team of Indian surgeons opened up the stomach of a 63-year-old man, they had no idea they'd extract a fortune.
updated 3:01 AM EDT, Tue April 22, 2014
Do these photos CNN of gun-toting men wearing green uniforms prove Russian forces are in eastern Ukraine?
updated 1:11 PM EDT, Wed April 23, 2014
If the Duchess wears it, then your fashion career is sorted for life.
updated 1:29 PM EDT, Thu April 24, 2014
Browse through images you don't always see on news reports from CNN teams around the world.
ADVERTISEMENT