Well, now we know it has at least 4.6 million users.
Yesterday, The Verge reported that an unnamed hacker group had broken into Snapchat’s user database and posted nearly 4.6 million telephone numbers and usernames of Snapchat users.
The hackers posted the data on an unofficial site called SnapchatDB posted the user data, obscuring only the last two digits of their cell phone numbers. The usernames, however, were posted in their entirety. The Verge reports:
SnapchatDB says people should “feel free” to contact it for the uncensored database, as it may release it under certain circumstances. Usernames are presented unedited, and SnapchatDB notes that “people tend to use the same username around the web.” Those that download the information, it says, can try to “find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with.”
Not only does the hacking expose Snapchat’s privacy flaws in a big way, it also claims to give us some insight into the actual magnitude of Snapchat’s user base. The hacker group has said the 4.6 million user’s data represents the ‘vast majority” of Snapchat users. If that’s the case, then maybe there aren’t as many people using Snapchat as we thought, and the photo-sharing is truly over-valued. However, that contrasts with Pew Research figures which say it currently has closer to 26 million users. And as many Reddit users noted, the uploaded information was not complete, with several area codes missing from the list. It’s unclear whether the hackers were unable to obtain the complete database, or they were only able to post a part of it.
This is also a pretty big blow to Snapchat’s credibility, since it’s entire functionality is based on the idea of private photo-sharing. The prospect of that privacy being compromised could be horrifying for many users. For now, they can check this website to see if their information has been posted. As the Verge notes, Snapchat had acknowledged the possibility of such a leak happening in a blog post authored on December 27th, where it wrote:
Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse.
Oh well. So much for that.
