200,000 Snapchat Accounts Breached through Third-Party Services
The largest known Snapchat hack made the news recently, with an estimated two-hundred-thousand accounts affected and a massive 13 gigabytes of photos and videos had been stolen from services that allowed users to access their Snapchat out of the actual app. These third-party services are not directly affiliated to Snapchat, and according to the company, they had attempted to shut them down in the past.
For those who are not familiar with the Snapchat app, the mobile application has become largely popular among messaging apps for having specialized sharing features focused on sending “Snaps”, which can include text, pictures or videos that only appear once for the recipient before “self-destructing”. Along with that new features such as sharing “Stories”; a collection of media that can be saved and shared for 24 hours, along with similar image filters to Instagram and other cool sharing features.
Snapchat claims that all messages and snapshot pictures and videos get deleted, but they do not take any responsibility if any content ends up being shared after it should have been deleted. In their privacy policy, Snapchat confirms that there are possibly channels form which users can access Snaps. It is common to hear stories of users taking screenshots or taping the received messages before they get deleted, but that flaw had nothing to do with the two-hundred-thousand plus accounts that got hacked.
According to the latest reports, the hack actually occurred on at least two third-party Snapchat backup services. The first report on Business Insider warned that a minimum of 100,000 photos has been stolen and we’re to be leaked on 4chan, where the hack was titled “The Snappenin.” To worsen the situation, it is believed that the shots include underage nudes.
The two services in the center of the attack shared similar names, SnapSave for Android and SnapSaved, an online website which had already closed down a few months back. The services allowed users to access Snapchat messages without having to use the Snapchat app, and it seems they we’re also backing up all the Snaps, and that is how the problem started. Snapchat was quick to put the blame on the back of the users of these third-party services since their servers we’re never breached and claim to have no backups of old snaps, but who is to blame?
I don’t think so, and the popular opinion seems to point the finger at Snapchat. These services have been available since 2013, which tells us that Snapchat did not do enough to protect its’ users. It takes audacity to blame their user base for unknowingly putting themselves in danger by using available apps on the Google store or online.
For many, security responsibilities are clear as day and fall upon the authoritative service provider. An everyday user can think that those extra add-ons were authorized and safe to use. It was up to Snapchat’s security and legal team to properly investigate and quickly shut down these services. No one remembers them sending out any warning emails or contacting press to warn against these programs and websites, and for those reasons, I think it was incorrect to pass the blame down.
Snapchat users are now left with no recourse to take these pictures of the internet. With similar events happening with all the celebrity nudes leaked from iCloud, things seem to have just gone from bad to worse. It will be interesting to see how technology developers will attempt to address these issues in the near future. For now, everyone should stress security and privacy a little more, if it at all matters to them, of course.
If you’re worried about your privacy, here’s a quick VPN solution.