SnapChat Confirmed: 4.6million accounts hacked

[quote=", post:, topic:"]

Confirmed: Snapchat Hack Not A Hoax, 4.6M Usernames And Numbers Published

A site called has saved usernames and phone numbers for 4.6 million accounts and made the information available

for download. In a statement to us, SnapchatDB says that it got the information through a recently identified and patched Snapchat

exploit and that it is making the data available in an effort to convince the messaging app to beef up its security. We’ve also reached

out to Snapchat.


And the funny part is this, that they also published a kind of public awareness message. lols!

[quote=", post:, topic:"]

SnapchatDB said:

Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat

to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a

secondary goal. Security matters as much as user experience does. We used a modified version of gibsonsec’s exploit/method.

Snapchat could have easily avoided that disclosure by replying to Gibsonsec’s private communications, yet they didn’t. Even long

after that disclosure, Snapchat was reluctant to taking the necessary steps to secure user data. Once we started scraping on a

large scale, they decided to implement very minor obstacles, which were still far from enough. Even now the exploit persists. It is

still possible to scrape this data on a large scale. Their latest changes are still not too hard to circumvent. We wanted to minimize

spam and abuse that may arise from this release. Our main goal is to raise public awareness on how reckless many internet

companies are with user information. It is a secondary goal for them, and that should not be the case. You wouldn’t want to eat at

a restaurant that spends millions on decoration, but barely anything on cleanliness.


I just wonder where the internet is going to take us! :blink:

See thats why a user needs to be safe and be sure about where he is making ID and putting personal informantion.

A mere messaging app can put your personal info on risk.


what happens to the 20 min or similiar timeout of sending pics which get auto deleted.. were they compromised as well?.. do their servers actually store that data?

according to this post, pics gets deleted from the server as well, although this is not a reliable source

"When you send or receive Snaps, we also temporarily collect, process and store the contents of the Snaps (such as photos, videos and/or captions) on our servers. The contents of Snaps are also temporarily stored on the devices of recipients. Once all recipients have viewed a Snap, we automatically delete the Snap from our servers and our Services are programmed to delete the Snap from the recipients’ devices. However, users with access to the Replay feature are able to view a Snap additional times before it is deleted from their device. We cannot guarantee that deletion always occurs within a particular timeframe."