Popular photo messaging service Snapchat, was hacked by anonymous hackers, and they have leaked over 4.6 Million usernames and phone numbers.
The database of the accounts was available for download in two formats, as an SQL dump and as a CSV file in a website, which has been suspended ever since. It was taken down by the hackers themselves, because their hosting service was getting excessive traffic.
The website read,
"You are downloading 4.6 million users’ phone number information, along with their usernames. People tend to use the same username around the web so you can use this information to find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with."
The hackers had revealed that the purpose of the hack was to raise awareness about Snapchat’s vulnerability and they wanted the company to patch up their security loop holes. They also revealed that they had censored the last two digits of the leaked users’ phone numbers to minimize the spam and abuse, but alarmingly they have also said that, they may agree to release their uncensored database "under certain circumstances."
Even though the database has been taken down, the information has been stored in multiple locations which include mirrors and torrents.
The hack occurred barely a week after Snapchat, took to their blog to reveal that they had patched the exploits in the Snapchat API published by an Australian white-hat hacker group, called Gibson Security published an API for Snapchat.
Gibson Security denied involvement in the attacks, and added that Snapchat’s blog post claiming that they have “patched the exploits and are impossible to hack” could have been the motivation for the hackers.
We know nothing about SnapchatDB, but it was a matter of time till something like that happened.Also the exploit works still with minor fixes
— Gibson Security (@gibsonsec) January 1, 2014
Two developers, Will Smidlein & Robbie Trencheny, have written an online program, which helps Snapchat users to check if their account information was leaked in the recent hack. You can access GS Lookup – Snapchat to see if your information has been leaked.
They have also said that they are not affiliated with Gibson Security, and are merely using their servers since their own server was unable to deal with incoming traffic.
You can also use Snapcheck for checking if your account information is safe.
Sadly there isn’t much you can do if your account information and phone number have been leaked, Since deleting your account will not remove your number from the leaked database, the only option you have is to switch to a new phone number.
Snapchat, in the meanwhile are yet to comment on the whole issue.