Three days ago, ephemeral communication app Snapchat released a statement on its website responding to a group of security professionals at Gibson Security who posted what they claimed to be numerous exploits of the app’s API. The hot startup waved those claims away in the post:
Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do.
But apparently those safeguards weren’t secure enough, as a team of hackers posted 4.6 million usernames and phone numbers of Snapchat users as a downloadable database just before midnight on Tuesday.
Right now, the database is censored, blurring the last two digits of each user’s…
View original post 72 more words