What We Learned From Snapchat’s 4.6M User Hack

News, Rights

On New Year’s Day, millions of Snapchat users discovered that their data had been compromised. Information from approximately 4.6 million users of the photo-sharing app was published online by hackers who wanted to demonstrate that Snapchat’s security was lacking. This is the latest in a headline-making series of (unrelated) security breaches, but it won’t be the last.

Millions of Snapchat Usernames, Phone Numbers Published Online

Usernames and phone numbers with the last two digits missing were published online on Reddit and the site SnapchatDB.info, which has since been suspended. A hacker or group of hackers going by “Lightcontact” claimed to be responsible. This came after months of warnings to Snapchat about the company’s security features.

In August of last year, the Australian company Gibson Security alerted Snapchat to the fact that it had a flaw that could be breached. Snapchat did not respond. Gibson Security repeated the warning on December 25th, to which Snapchat replied in a blog post that they’d made hacking their database “more difficult.” When the database was hacked a week later, the company responded with another blog post, saying it would allow users to opt out of the “Find Friends” feature which stores users’ phone numbers. It also promised to improve security in other ways. If users were expecting an apology for the breach, they didn’t get one.

Snapchat users can check if their information was leaked using this lookup tool from Gibson Security.

Snapchat Popularity Soared Since September 2011 Debut

Snapchat has grown impressively in just a little over two years, with millions of users sharing millions of photos and videos every day. The company has no revenue, but its popularity has supposedly prompted two major companies to make multibillion dollar offers: Facebook offered $3 billion on November 14th, and Google offered $4 billion a day later. Both offers were refused.

A big draw of the multi-feature app is that it allows users to decide how long the recipient can see the photo – anywhere from 1 to 10 seconds – before it’s gone and deleted from Snapchat’s servers. Although not the company’s stated intention, this feature allows users to share very personal messages with others.

Improve Your Online Security Protect Your Information

There’s not much users can do now if their info was leaked; even closing their Snapchat account won’t help, since the information has already been published. But this is a good reminder – especially as storing data in the cloud becomes more popular – that nothing online is perfectly safe, and that it’s only a matter of time before the next big security breach occurs. Take steps now to lessen the chances that your personal information is leaked.

Change your passwords. Most people use the same password, or a slight variation on one or two basic passwords, simply because it’s easier to remember. But improving password security is the first step in improving your overall security online. There are many options to improve your login security, including this “password recipe” tool, or try one of the dozens of free password generators available, like this Ultra High Security Password Generator, also from Gibson Security, or this one from Cloudwards.

Change your usernames. Hacking one account can make it easier to hack others when the same information is used. For added privacy, choose usernames that don’t include your real name.

Opt for two-step authentication when possible. Some sites give you the option to add an extra step to the login process, such as a security code texted to your phone that you must enter before gaining access to your account. These can be tedious, but they do improve security.

Close your accounts before they are hacked. If you’ve finally had enough, consider abstaining from life online altogether, or at least from the sites you can live without. Clear out your data and shut down your accounts for good.