This page has been archived and commenting is disabled.

Was Your Snapchat Data Leaked?

Tyler Durden's picture





 

As reported earlier, on New Year's Day a group called SnapchatDB, in a painfully ironic move, hacked and publicly exposed the user names and phone numbers for 4.6 million users of the site that prides itself in its secrecy of its transmitted content (which supposedly disappears once it is deleted everywhere except on the NSA's hard drives to be used in the future as the opportunity presents itself) primarily involving photos of user genitals and market-moving inside information. Explaining its actions, SnapchatDB's statement was as follows:

Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does.

 

We used a modified version of gibsonsec’s exploit/method. Snapchat could have easily avoided that disclosure by replying to Gibsonsec’s private communications, yet they didn’t. Even long after that disclosure, Snapchat was reluctant to taking the necessary steps to secure user data. Once we started scraping on a large scale, they decided to implement very minor obstacles, which were still far from enough. Even now the exploit persists. It is still possible to scrape this data on a large scale. Their latest changes are still not too hard to circumvent.

 

We wanted to minimize spam and abuse that may arise from this release. Our main goal is to raise public awareness on how reckless many internet companies are with user information. It is a secondary goal for them, and that should not be the case. You wouldn’t want to eat at a restaurant that spends millions on decoration, but barely anything on cleanliness.

TechChrunch summarized the situation concisely:

The Gibson Security report and SnapchatDB are both reminders that even in an ephemeral messaging service, it would be a mistake to be lulled into a sense of security about the information that you do have stored with the app. “People tend to use the same username around the web so you can use this information to find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with,” SnapchatDB stated on the site.

Of course, in this day and age when we revealed the NSA's leaked backdoor hacks, why anyone would assume anything they transmit over the internet - even encrypted - is secure is beyond us.

In the meantime, however, for those concerned if their Snapchat account was among those hacked, here is a simple way to check if your username was among the victims. The advice of the creators of the lookup database: "If your data has been leaked, don't freak out! There are a few things you can do if you've been affected. First and foremost, you can delete your Snapchat account here - sadly, this won't remove your phone number from the already circulating leaked database."

 


- advertisements -

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Thu, 01/02/2014 - 11:50 | Link to Comment Mercury
Mercury's picture

The internet is forever.

Thu, 01/02/2014 - 11:51 | Link to Comment Divided States ...
Divided States of America's picture

The more websites you sign up, the more watched you become...dont sign up for anymore shit.

Thu, 01/02/2014 - 11:58 | Link to Comment pods
pods's picture

My phone's been ringing off the hook since they linked my phone number to that pic of my junk!

Carlos Danger

Thu, 01/02/2014 - 12:33 | Link to Comment NoDebt
NoDebt's picture

Go ahead.  Put your user name into that box one more time.  I double dog dare you.  Complete your journey to the dark side of identity theft.

Snapchat couldn't contact those users directly with a proactive message through their own service?  No, you gotta go pump your USID into another box on the internet.  A box I'm sure no hacker is monitoring to fill in the missing pieces of data they didn't steal earlier (like if you are an active user of your account, which keying in on that portal would confirm).

Thu, 01/02/2014 - 13:59 | Link to Comment Four chan
Four chan's picture

i have no idea what snapchat is.

 

Thu, 01/02/2014 - 14:11 | Link to Comment Son of Loki
Son of Loki's picture

Weiner praised the leak citing free publicity.

Thu, 01/02/2014 - 14:25 | Link to Comment Stackers
Stackers's picture

1st rule about Fight Club !

Thu, 01/02/2014 - 15:29 | Link to Comment Boris Alatovkrap
Boris Alatovkrap's picture

Wiener is leak? Sorry, but too much to inform.

Thu, 01/02/2014 - 12:32 | Link to Comment WillyGroper
Thu, 01/02/2014 - 13:00 | Link to Comment ebworthen
ebworthen's picture

Yeah, and it's all guys calling, damnb'it!

Thu, 01/02/2014 - 14:09 | Link to Comment jefferson32
jefferson32's picture

It's wrong to write that encrypted data can be compromised by the NSA. There is indeed no such thing as absolute safety (it tends to zero as the intruder's resources tend to infinity). But the NSA's resources are not infinite - strong, well-implemented crypto is much too expensive to break, even by the NSA.

Thu, 01/02/2014 - 11:50 | Link to Comment philosophers bone
philosophers bone's picture

And it's gone!! (the next big tech ponzi IPO) 

Thu, 01/02/2014 - 11:54 | Link to Comment Colonel Klink
Colonel Klink's picture

Snapshat, your data out.

Thu, 01/02/2014 - 11:55 | Link to Comment slotmouth
slotmouth's picture

LinkedIn is even worse, they are actively hacking you and spamming your friends. http://gigaom.com/2013/09/21/linkedin-is-breaking-into-user-emails-spamming-contacts-lawsuit/

 

Thu, 01/02/2014 - 12:11 | Link to Comment Mercury
Mercury's picture

Eventually they’ll be able to tell that your phone and another person’s phone spent the hours of 11pm-->8am on xx/xx/xx date, stationary and within 10 feet of each other.

 Whoever sees that data will likely draw certain conclusions as to what that data means…

 

Thu, 01/02/2014 - 12:34 | Link to Comment konputa
konputa's picture

Eventually? That's happening now. NSA tracks you and your co-travelers and uses it to identify your associates and link you to illegal activity or other events of interest.

 

http://apps.washingtonpost.com/g/page/national/how-the-nsa-is-tracking-p...

Thu, 01/02/2014 - 14:22 | Link to Comment Herd Redirectio...
Herd Redirection Committee's picture

I've never used a cellphone, and don't plan on using one in the future either.  Same goes for Google Glass or some embeddable microchip.  No thanks!

Thu, 01/02/2014 - 12:16 | Link to Comment adr
adr's picture

I never gave LinkedIn my primary e-mail but a contact of mine has my primary email linked with them in thier contact info. So now I get spam from LinkedIn on three different email accounts.

I also don't give a fuck about some guys new job skill that I met ten years ago and is linked to me through somebody else. I won't endorse my college roommate's new skill that he doesn't posses either.

I'll have to look up that lawsuit and add my name.

Fucking business world. You used to be declined for a job if you didn't have a resume on Monster.com. Now you won't get a job because your skills weren't endorsed on LinkedIn.

Thu, 01/02/2014 - 12:36 | Link to Comment Divided States ...
Divided States of America's picture

Do you think theres a coincidence that all the social media companies are headed by Jews? Zuckerberg (FB), LinkedIn (Weiner), Yelp (Stoppelman) etc

But the top dog is Page/Brin combo at GOOG or basically you can call it JOOG.

All these companies want to know everything about us. What we do at night, what color our piss is and which porn flick we like the most.

Guess why JOOG is now into armed robotics? Its their quest for world domination by knowing everything they need to know about everyone else and terminating those people that gets in their way.

The internet is their web to infiltrate into the privacy of our everyday lives.

Thu, 01/02/2014 - 12:51 | Link to Comment unrulian
unrulian's picture

Hey FS...sup?

Thu, 01/02/2014 - 13:05 | Link to Comment Divided States ...
Divided States of America's picture

Wish FS was still around, damn, 2014 wont be the same as 2013 on ZH.

Thu, 01/02/2014 - 15:25 | Link to Comment Musashi Miyamoto
Musashi Miyamoto's picture

Just curious, What percentage of Jews do you think are bad?

Thu, 01/02/2014 - 12:37 | Link to Comment Yes We Can. But...
Yes We Can. But Lets Not.'s picture

I won't sign up for LinkedInWithTheNSA.

Am I mssing out on much?

Thu, 01/02/2014 - 11:52 | Link to Comment Musashi Miyamoto
Musashi Miyamoto's picture

http://blog.snapchat.com/

DEC 27

"...Occasionally computer security professionals and other helpful people reach out to us about potential bugs and vulnerabilities in Snapchat. We are grateful for the assistance of professionals who practice responsible disclosure and we’ve generally worked well with those who have contacted us...

...Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse...

Happy Snapping!"

This is why i don't use a smart phone

Thu, 01/02/2014 - 12:08 | Link to Comment FeralSerf
FeralSerf's picture

It is now technologically possible to have someone with a smartphone droned automatically. There is no need for anyone on the joystick anymore, just someone to enter the lucky recipient's phone number.

There is likely new technology being developed (or already developed) that has miniaturized these drones so they can be more personal, i.e. just kill one "terrorist" (or troublesome unit of livestock), rather than the entire wedding party.

It may be unsafe to steal another person's smartphone in the near future if that person is on someone's shitlist.

Thu, 01/02/2014 - 12:29 | Link to Comment Musashi Miyamoto
Musashi Miyamoto's picture

http://www.anti-interception.com/samsung-g600-2014-top-level.html

Check it out. I have not used these guys but I'm starting to look at several options.

Thu, 01/02/2014 - 13:56 | Link to Comment zerozulu
zerozulu's picture

Pigeons raising business looks promising.

Thu, 01/02/2014 - 14:38 | Link to Comment Herd Redirectio...
Herd Redirection Committee's picture

Belgium and England...  They still breed pigeons there AFAIK.

Thu, 01/02/2014 - 11:57 | Link to Comment BullyBearish
BullyBearish's picture

Pretty bad when the only "Mommy" you can run to is the biggest perpetraitor of all...

Thu, 01/02/2014 - 12:00 | Link to Comment NuYawkFrankie
NuYawkFrankie's picture

Not to be confused with SnatchChat -  the dating-site for garrulous 69ers.

 

Thu, 01/02/2014 - 11:57 | Link to Comment GumbyMe
GumbyMe's picture

Data leak? How can you have a "data leak" on a site where idiots post their personal information to share with others?

Thu, 01/02/2014 - 12:07 | Link to Comment Dr. No
Dr. No's picture

Its a "leak" since it was not authorized.  Authorization only happens when SnapChat sells the data to various marketing and sales companies to build spam..er.. mailing lists.

Thu, 01/02/2014 - 11:58 | Link to Comment GrinandBearit
GrinandBearit's picture

95% of the sheeple are tech toy addicted narcissists.

It's very simple...

STAY AWAY FROM ALL SOCIAL MEDIA WEBSITES.

Thu, 01/02/2014 - 12:04 | Link to Comment Ketchup on a Hotdog
Ketchup on a Hotdog's picture

GS Lookup is a good way to get all the remaining user IDs.  

Thu, 01/02/2014 - 12:05 | Link to Comment Dr. Engali
Dr. Engali's picture

Pfffttt.... Who cares? The government is our friend. The important thing is that we are safe from those scary Muslim terrorists.

Thu, 01/02/2014 - 14:04 | Link to Comment zerozulu
zerozulu's picture

My biggest worry is the day when people who believed from their heart that .GOV is saving them from terrorist, find who really are the terrorist.

Thu, 01/02/2014 - 12:03 | Link to Comment Kilgore Trout
Kilgore Trout's picture

WTF is a snapchat? Never mind, don't tell me.

Thu, 01/02/2014 - 12:09 | Link to Comment adr
adr's picture

Supposedly worth $20 billion + with no revenue to speak of and no hope of profit ever.

Thu, 01/02/2014 - 12:14 | Link to Comment The man with po...
The man with pointy horns's picture

Ever heard of ad revenue, potential-revenue-which-will-be-profits-just-around-the-corner and Amazon's undefined P/E?

Thu, 01/02/2014 - 12:25 | Link to Comment adr
adr's picture

I can also think of the potential gratification of shoving my dick in my wife's ass. There's only one thing standing in the way, my wife.

I love this new world where having a successful business model is having no business model.

You can buy anything from A to Z on Amazon except for something that starts with P. Profit.

Thu, 01/02/2014 - 14:37 | Link to Comment Herd Redirectio...
Herd Redirection Committee's picture

I work for a rather small company and I regularly opine to myself, why are other companies with less profits, more highly valued?  How come only Twitter, AMZN, LinkedIn get absurd valuations, on no profits?

Thu, 01/02/2014 - 23:02 | Link to Comment StychoKiller
StychoKiller's picture

Perhaps you should mention Kegel exercises to yer wife...

Thu, 01/02/2014 - 14:56 | Link to Comment redux2redux
redux2redux's picture

With E being ZERO, your P/E is infinite. That's good right?

'To infinity and beyond...'

 

/SARCASM

Thu, 01/02/2014 - 12:13 | Link to Comment Dr. No
Dr. No's picture

In a world where US gov debt has a face value of $17T, $20B on SnapChat does not seem so outlandish.

Thu, 01/02/2014 - 12:29 | Link to Comment Darksky
Darksky's picture

Snapchat...i still dont know what twitter and facebook are.

Thu, 01/02/2014 - 12:12 | Link to Comment The man with po...
The man with pointy horns's picture

Yet more evidence of America's exceptionalism. Only they get their data leaked in such a blatant manner.

Okay, so everyone has had their data leaked and sold. But Americans have the front seats as we witness this descent into this technological totalitarian nightmare.

Thu, 01/02/2014 - 12:18 | Link to Comment fudge
fudge's picture

dumb fuckers

*/LAFFIN

 

Thu, 01/02/2014 - 12:21 | Link to Comment Rising Sun
Rising Sun's picture

nice hack Zuckerberg - you little fucking prick!!!

Thu, 01/02/2014 - 12:28 | Link to Comment adr
adr's picture

Zuckerberg's just pissed he can't look at underage male genitals on Facebook.

When does the CEO of Snapchat go to jail for facilitating the distribution of child porn?

Thu, 01/02/2014 - 12:32 | Link to Comment Colonel Klink
Colonel Klink's picture

As soon as the SEC/NSA is done looking at it.

Thu, 01/02/2014 - 12:39 | Link to Comment Budd aka Sidewinder
Budd aka Sidewinder's picture

WTF is Snapchat?????  Good God, could Americans have any more ways to fuck around on the internet??

Thu, 01/02/2014 - 12:57 | Link to Comment Colonel Klink
Colonel Klink's picture

Yes!  They're developing them EACH AND EVERY DAY!  With a disproportionate ratio created by the chosen class promoted by MSNBC/CNBC.

Thu, 01/02/2014 - 13:56 | Link to Comment Dr. No
Dr. No's picture

Here is idea to screw around on the internet in the future!:  http://www.bored.com/emailcapsules/

Thu, 01/02/2014 - 12:43 | Link to Comment haskelslocal
haskelslocal's picture

So Snapchat.... Will you take $1 billion?

Thu, 01/02/2014 - 14:36 | Link to Comment Conor
Conor's picture

Exactly! Those kids who declined a $3 bn buy out by Facebooks are idiots.

The irony of hubris.

Now, about that $40 bn valuation of Twitter..............

Thu, 01/02/2014 - 12:56 | Link to Comment BullyBearish
BullyBearish's picture

Those who: disarm you, invade your privacy, steal your $

Those who: want to be left alone to tend their goats

 

 

Who are you most afraid of???

Thu, 01/02/2014 - 14:06 | Link to Comment zerozulu
zerozulu's picture

 

 

"Who are you most afraid of???"

hungry, cold and angry people.

Thu, 01/02/2014 - 12:53 | Link to Comment ebworthen
ebworthen's picture

What's snap-chat?

Thu, 01/02/2014 - 12:58 | Link to Comment Colonel Klink
Colonel Klink's picture

Feel free to use the other "chosen" way to learn about it by Googling it.

Thu, 01/02/2014 - 12:59 | Link to Comment ebworthen
ebworthen's picture

I use Bing because the N.S.A. has their tentacles in everything so you may as well throw yourself into the beak of the squid.

And this could never happen to that coin what'cha ma'callit because it uses math and the Interwebs, right?

Thu, 01/02/2014 - 13:10 | Link to Comment Colonel Klink
Colonel Klink's picture

Nevar ebworthen!  Nevar I say.

Thu, 01/02/2014 - 13:03 | Link to Comment RaceToTheBottom
RaceToTheBottom's picture

I have the NSA on my saved contact list.

Bypasses many problems.

Thu, 01/02/2014 - 13:14 | Link to Comment wakablahh
wakablahh's picture

Snapchat should have just accepted the 3 Billion from Facebook.

Thu, 01/02/2014 - 13:25 | Link to Comment Max Cynical
Max Cynical's picture

SnapChat's rejection of the $3B buyout will go down in history as one of the worst business decisions of all time.

Thu, 01/02/2014 - 13:24 | Link to Comment Max Cynical
Max Cynical's picture

Deleted

Thu, 01/02/2014 - 13:25 | Link to Comment 22winmag
22winmag's picture

Want to know what Snapchat is?

 

Ask your daughter or granddaughter...

Thu, 01/02/2014 - 13:39 | Link to Comment Blano
Blano's picture

I don't care enough to either ask or Google it.  If it's a social media thingy, it isn't worth my time.

Thu, 01/02/2014 - 14:28 | Link to Comment roadhazard
roadhazard's picture

"was your snap chat data leaked."

yep, and my Swiss bank account number and my debit card number. I lied about the debit card number, anyone who has one of those deserves to be wiped out.

Do NOT follow this link or you will be banned from the site!