2014 Snapchat hack: Difference between revisions
m Dating maintenance tags: {{Contradiction-inline}} |
m fixed CS1 errors: dates & General fixes using AWB (9832) |
||
Line 34: | Line 34: | ||
| notes = |
| notes = |
||
}} |
}} |
||
[[Snapchat]], a [[photo sharing|photo messaging]] mobile application, was hacked on January 1, 2014.<ref>{{cite news|url=http://www.theregister.co.uk/2014/01/02/snapchat_leak/|title=Snapchat: In 'theory' you could hack... Oh Crap, is that 4.6 million user's details?|work=[[The Register]]|accessdate=2014-01-03}}</ref><ref name="time">{{cite web|url=http://techland.time.com/2014/01/02/how-to-survive-the-snapchat-hack-and-others/|title=How to Survive the Snapchat Hack (and Others)|work=[[TIME]]|accessdate=2014-01-03}}</ref> The hack is said to have revealed parts of approximately 4.6 million usernames and phone numbers in a website named "SnapchatDB.info"<ref name="time" /><ref name="mercury"/><ref name="telegraph">{{cite web|url=http://www.telegraph.co.uk/technology/internet-security/10546626/Snapchat-hack-leaks-4.6m-users-details.html|title=Snapchat hack leaks 4.6m users details|work=[[The Daily Telegraph|The Telegraph]]|accessdate=2014-01-03}}</ref> Snapchat reportedly failed to fix a security vulnerability that was publicly disclosed by Gibson Security, an Australian security firm.<ref>{{cite web|url=http://www.usatoday.com/story/tech/columnist/2014/01/02/snapchat-breach-new-tech-economy-john-shinal-usa-today/4250487/|title=Snapchat hack should be a "wake-up" call|work=[[USA Today]]|accessdate=2014-01-03}}</ref> The firm is also said to have written precisely about the flaw the week before the hack.<ref>{{cite web|url=http://gibsonsec.org/snapchat/|title=Snapchat Security Disclosure|publisher=Gibson Security|accessdate=2014-01-03}}</ref> The hack, according to Jeff Macke, might cost the company founder $4 billion.<ref>{{cite news|url=http://finance.yahoo.com/blogs/breakout/snapchat-hack-may-have-just-cost-the-company-founder--4-billion-155733225.html|title=Snapchat hack may have just cost the company founder $4 billion|publisher=[[Yahoo Finance]]|accessdate=2014-01-03}}</ref> The hackers sent a statement to the popular technology blog [[TechCrunch]], saying, "our motivation behind the release was to raise the public awareness around the issue and also put public pressure on Snapchat to get this exploit fixed".<ref name="mercury">{{cite news|url=http://www.mercurynews.com/business/ci_24836443/snapchat-security-breach-affects-4-6-million-user|title=Snapchat hack: Users wonder whether their snaps are safe|work=[[San Jose Mercury News]]|accessdate=2014-01-03}}</ref> The hackers allegedly used an API exploit to hack Snapchat.<ref>{{cite web|url=http://www.forbes.com/sites/anthonykosner/2014/01/01/4-6-million-snapchat-usernames-and-phone-numbers-captured-by-api-exploit/|title=4.6 million Snapchat Usernames and Phone Numbers Captured by API Exploit|work=[[Forbes]]|accessdate= |
[[Snapchat]], a [[photo sharing|photo messaging]] mobile application, was hacked on January 1, 2014.<ref>{{cite news|url=http://www.theregister.co.uk/2014/01/02/snapchat_leak/|title=Snapchat: In 'theory' you could hack... Oh Crap, is that 4.6 million user's details?|work=[[The Register]]|accessdate=2014-01-03}}</ref><ref name="time">{{cite web|url=http://techland.time.com/2014/01/02/how-to-survive-the-snapchat-hack-and-others/|title=How to Survive the Snapchat Hack (and Others)|work=[[TIME]]|accessdate=2014-01-03}}</ref> The hack is said to have revealed parts of approximately 4.6 million usernames and phone numbers in a website named "SnapchatDB.info"<ref name="time" /><ref name="mercury"/><ref name="telegraph">{{cite web|url=http://www.telegraph.co.uk/technology/internet-security/10546626/Snapchat-hack-leaks-4.6m-users-details.html|title=Snapchat hack leaks 4.6m users details|work=[[The Daily Telegraph|The Telegraph]]|accessdate=2014-01-03}}</ref> Snapchat reportedly failed to fix a security vulnerability that was publicly disclosed by Gibson Security, an Australian security firm.<ref>{{cite web|url=http://www.usatoday.com/story/tech/columnist/2014/01/02/snapchat-breach-new-tech-economy-john-shinal-usa-today/4250487/|title=Snapchat hack should be a "wake-up" call|work=[[USA Today]]|accessdate=2014-01-03}}</ref> The firm is also said to have written precisely about the flaw the week before the hack.<ref>{{cite web|url=http://gibsonsec.org/snapchat/|title=Snapchat Security Disclosure|publisher=Gibson Security|accessdate=2014-01-03}}</ref> The hack, according to Jeff Macke, might cost the company founder $4 billion.<ref>{{cite news|url=http://finance.yahoo.com/blogs/breakout/snapchat-hack-may-have-just-cost-the-company-founder--4-billion-155733225.html|title=Snapchat hack may have just cost the company founder $4 billion|publisher=[[Yahoo Finance]]|accessdate=2014-01-03}}</ref> The hackers sent a statement to the popular technology blog [[TechCrunch]], saying, "our motivation behind the release was to raise the public awareness around the issue and also put public pressure on Snapchat to get this exploit fixed".<ref name="mercury">{{cite news|url=http://www.mercurynews.com/business/ci_24836443/snapchat-security-breach-affects-4-6-million-user|title=Snapchat hack: Users wonder whether their snaps are safe|work=[[San Jose Mercury News]]|accessdate=2014-01-03}}</ref> The hackers allegedly used an API exploit to hack Snapchat.<ref>{{cite web|url=http://www.forbes.com/sites/anthonykosner/2014/01/01/4-6-million-snapchat-usernames-and-phone-numbers-captured-by-api-exploit/|title=4.6 million Snapchat Usernames and Phone Numbers Captured by API Exploit|work=[[Forbes]]|accessdate=3 January 2014}}</ref> |
||
==Public response == |
==Public response == |
Revision as of 01:54, 4 January 2014
File:Snapchat logo.png | |
Date | January 1, 2014 |
---|---|
Location | Globally |
Cause | Hack |
Outcome | Approximately 4.6 million usernames and phone numbers leaked |
Website | http://snapchat.com/ |
Snapchat, a photo messaging mobile application, was hacked on January 1, 2014.[1][2] The hack is said to have revealed parts of approximately 4.6 million usernames and phone numbers in a website named "SnapchatDB.info"[2][3][4] Snapchat reportedly failed to fix a security vulnerability that was publicly disclosed by Gibson Security, an Australian security firm.[5] The firm is also said to have written precisely about the flaw the week before the hack.[6] The hack, according to Jeff Macke, might cost the company founder $4 billion.[7] The hackers sent a statement to the popular technology blog TechCrunch, saying, "our motivation behind the release was to raise the public awareness around the issue and also put public pressure on Snapchat to get this exploit fixed".[3] The hackers allegedly used an API exploit to hack Snapchat.[8]
Public response
Gibson Security spokesperson said, “I can understand [why they hacked Snapchat], and it’s probably going to get Snapchat to do something, but I think it was too far, and they could have at least censored more of the phone numbers,”.[9] Snapchat users were concerned about whether the company compromises on security. Arik Hesseldahl, senior editor at Re/code, encouraged site owners[failed verification] to "think like a hacker", and fix the vulnerabilities in their sites to prevent hack attempts.[10] Gibson Security, the firm that first pointed out the security flaw, said it was not a part of the hacking attempt.[11] However, some SnapChat users posted to Twitter that they were not worried about the hack.[12] Adam Levin, co-founder of Identity Theft 911, commented that any hacking attempt impacts people. He said it is important to know that any technology can be defeated, and one should look at things skeptically.[12]
Response from Snapchat
Snapchat did not issue any statement formally about the hack.[9][13][contradictory][failed verification] Evan Spiegel, the founder of Snapchat whose number was apparently present in the hacked database, tweeted that the company was currently seeking legal help.[13] In its response, Snapchat said that an updated version of its app would soon come out that could let users opt out of the "Find Friends" feature, that required their stored numbers so that other users could easily find them.[14] Other changes applied by Snapchat post the attack, to protect users and improve security, include the rate limiting suggested by security researchers last week.[15][16]
One particular phrase in the response reads "[...] that same group publicly documented our API, making it easier for individuals to abuse our service and violate our Terms of Use" - this is an example of Security through obscurity.
References
- ^ "Snapchat: In 'theory' you could hack... Oh Crap, is that 4.6 million user's details?". The Register. Retrieved 2014-01-03.
- ^ a b "How to Survive the Snapchat Hack (and Others)". TIME. Retrieved 2014-01-03.
- ^ a b "Snapchat hack: Users wonder whether their snaps are safe". San Jose Mercury News. Retrieved 2014-01-03.
- ^ "Snapchat hack leaks 4.6m users details". The Telegraph. Retrieved 2014-01-03.
- ^ "Snapchat hack should be a "wake-up" call". USA Today. Retrieved 2014-01-03.
- ^ "Snapchat Security Disclosure". Gibson Security. Retrieved 2014-01-03.
- ^ "Snapchat hack may have just cost the company founder $4 billion". Yahoo Finance. Retrieved 2014-01-03.
- ^ "4.6 million Snapchat Usernames and Phone Numbers Captured by API Exploit". Forbes. Retrieved 3 January 2014.
- ^ a b "Snapchat confirms leak of 4.6M usernames, doesn't apologize". VentureBeat. Retrieved 2014-01-03.
- ^ "Hack attempt at Snapchat". CNBC. Retrieved 2014-01-03.
- ^ "Snapchat hacked, leaking 4.6 million usernames and phone numbers". Sydney Morning Herald. Retrieved 2014-01-03.
- ^ a b "Snapchat's hack: What Users should do now". Fox Business. Retrieved 2014-01-03.
- ^ a b "Snapchat hack: 4.6 million users affected". The Independent. Retrieved 2014-01-03.
- ^ "Snapchat acknowledges hack, updated app coming that lets users opt out of Find Friends". Engadget. Retrieved 2014-01-03.
- ^ "Snapchat- Find Friends abuse". Snapchat Blog. Retrieved 2014-01-03.
- ^ "Millions of accounts compromised in Snapchat hack". CNN. Retrieved 2014-01-03.