Uh-oh… this isn’t good. Just as Snapchat’s star seemed like it would continue rising indefinitely, the company has suffered a massive setback in the form of an information leak of massive proportions. Taking advantage of a recently-revealed vulnerability, hackers were able to pull 4.6 million usernames and phone numbers from the service and publish them online for the whole world to see.
The story begins with a vulnerability in Snapchat’s system that was revealed by security researchers last week — a vulnerability they claimed had been known for months. Before the issue could be fixed, somebody hacked in a pulled a “vast majority” of users’ information and made it public through a website called SnapchatDB.
The website has been taken down since the leak was first reported on last night, but for a time all of the info was up and available for download as SQL/CSV files.
At first we reacted with skepticism, but when developers Robbie Trencheny and Will Smeindlein released a tool that would search through the download and let you know whether or not your info has been compromised, we thought we’d give it a shot. I typed in my own username and, lo and behold:
Yes, that is my number. No, I’m not thrilled. Especially since I’ve used Snapchat only a few times. Long story short, the leak looks to be legitimate, and while the aforementioned tool conceals the last 2 numbers in your phone number to preserve your privacy, the leak itself (obviously) did not.
So, if you’ve ever used Snapchat — even if it was only one time — we suggest you give Trencheny and Smidlein’s tool a go and find out if your info has been compromised. All you have to do is type in your Snapchat username, so there’s no need to worry that the tool itself is a scam that’s trying to collect your info.