Snapchat Hacked and Data Exposed

Snapchat breached

Just last Tuesday, a website called made Snapchats users’ information available for download on their page. The website was taken down the next day most likely for breaking JDRHosting’s web services rules. The website owners claimed they were making “an attempt to expose the vulnerability of users’ data.” This same statement was made by those who were responsible for creating other hacking software such as Droidsheep, a Firefox plugin which hijacks session variables of users logged on to facebook or other website applications which utilize session variables.

On December 27th, Snapchat posted on their blog website that one of the security flaws was exposed by some of their white-hat hackers, stating their API was reachable and claimed that a possible attack could be made such that customer’s information could be leaked:

Occasionally computer security professionals and other helpful people reach out to us about potential bugs and vulnerabilities in Snapchat. We are grateful for the assistance of professionals who practice responsible disclosure and we’ve generally worked well with those who have contacted us.

This week, on Christmas Eve, a security group posted documentation for our private API. This documentation included an allegation regarding a possible attack by which one could compile a database of Snapchat usernames and phone numbers. Blog

It seems as though this attack was of no surprise to them.


Avatar photo

Yousef Shanawany

Living in the heart of Silicon Valley, Yousef is a tech reviewer and editor and enjoys reading about tech news around the world. As his primary focus is the video game industry, he also loves reading about mobile and tablet news, as well as other new emerging hardware technologies. Yousef graduated from San Jose State University, earning his Bachelors degree in Software Engineering. He spends most of his time reading, gaming, and programming.