After more than 4 million Snapchat usernames and associated phone numbers were leaked on New Year’s Day, the company has finally responded—coming up way short of an apology to the users who were affected.
A group called SnapchatDB released the collection of user phone numbers with the last two digits blurred, and they haven’t ruled out releasing the phone numbers in their entirety, which would open up those users to spam. SnapchatDB was able to exploit a flaw in Snapchat’s code, a flaw that was made public months ago but Snapchat said they had already fixed, and they say they released the user data to raise awareness about Snapchat’s laxed security measures. Snapchat has finally responded to the leak, without apologizing to the users whose info they failed to protect (which includes this writer.) "We will be releasing an updated version of the Snapchat application that will allow Snapchatters to opt out of appearing in Find Friends after they have verified their phone number," Snapchat said on their website. "We're also improving rate limiting and other restrictions to address future attempts to abuse our service."
Gibson Group, the people who were among the first the warn Snapchat of the flaws in their code, responded to their post:
We’re not the first people to reverse engineer some of Snapchats protocol, we just created the most extensive documentation. Several people before us did some research and at no point were they met with this level of impoliteness. In fact, we think that you abused the trust of your user base by failing to respond to this situation with a swift response, we are yet to hear of what the users/people included in the leak have to do now, and at no point did I see an apology to the user base.
Is this address book function really necessary? Is it worth still having in your app? I’d do some research.
If you’d like to find out if your account was affected by the leak, and if you’d then like to delete your account, view our previous post here.