Hackers claim to reveal millions of Snapchat usernames and phone numbers


A website called SnapchatDB has made available for download what they claim is a database of 4.6 million Snapchat users, revealing usernames and phone numbers.

Snapchat numbers

An obvious concern is that many people on the internet adopt the same username on multiple services, perhaps making it easy for unauthorised parties to determine the private phone numbers of - say - Twitter or Facebook users.

And, of course, it’s possible that you have been flirting with someone via Snapchat that you *didn’t* want to have access to your phone number. Snapchat, you will remember, is designed to let you send a sexy snap that is only supposed to be viewable for a few seconds before it is destroyed).

SnapchatThe database’s release is further bad news for the popular iOS and Android app, which just before Christmas caught the attention of an Australian security group who published an API detailing how to access any phone number and username from the smartphone photo-sharing service beloved by sexting teens.

The group, who went by the name of Gibson Security, claimed they had been provoked by Snapchat who they felt had ignored the privacy hole which had been first disclosed in August 2013.

On December 27, Snapchat said that they had “implemented various safeguards” and “additional counter-measures” to make it more difficult for hackers to scoop up the details of users.

The database of 4.6 million usernames and phone numbers was, according to the people behind the website, done to “raise awareness” of the exploit.

This database contains username and phone number pairs of a vast majority of the Snapchat users. This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue. The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it.

The only modicum of comfort for affected users is that the last two digits of their phone numbers have been redacted from the downloadable database, although that may still be enough to help pinpoint a user’s approximate location and - worryingly - the anonymous hackers behind the SnapchatDB website say that under certain cirumstances they may be prepared to release it.

At least one website - www.snapcheck.org - has been created, claiming to help Snapchat users determine if their details might have been exposed by the privacy breach.

Be careful out there.

Tags: , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.