Snapchat improves app security after user account leak

After the usernames and mobile numbers of 4.6 million users found their way onto the Web this week, Snapchat has taken steps to plug some of the security gaps in its photo-sharing app. In a blog post that seems short on contrition, the development team promises that an update is on the way to prevent this sort of large-scale data harvesting in the future.

At the center of the security storm is the Find Friends feature that enables your friends to add you on Snapchat via your phone number. With a little bit of hacking, an unscrupulous individual can ping Snapchat’s databases to match names to numbers, and this is exactly what has happened.

Snapchat’s official blog post starts off with a defence of the Find Friends feature before firing a shot across the bows of Gibson Security, who first brought this Snapchat vulnerability to the public’s attention: “A security group first published a report about potential Find Friends abuse in August 2013. Shortly thereafter, we implemented practices like rate limiting aimed at addressing these concerns. On Christmas Eve, that same group publicly documented our API, making it easier for individuals to abuse our service and violate our Terms of Use.”

“On New Years Eve, an attacker released a database of partially redacted phone numbers and usernames. No other information, including Snaps, was leaked or accessed in these attacks,” continues the statement. “We will be releasing an updated version of the Snapchat application that will allow Snapchatters to opt out of appearing in Find Friends after they have verified their phone number. We’re also improving rate limiting and other restrictions to address future attempts to abuse our service.”

So there you have it — you can pull your number out of the Find Friends database once you’ve used it to build up your Snapchat contacts, and the developers will also make it tougher to harvest several million names next time around. According to security firm AdaptiveMobile, users in California and New York were the worst hit by the data breach, with Colorado, Illinois and Florida also heavily targeted.

At the time of writing the Snapchat app update hasn’t yet arrived, but it shouldn’t take long to appear in your app store of choice.

David Nield
Former Digital Trends Contributor
Dave is a freelance journalist from Manchester in the north-west of England. He's been writing about technology since the…