Snapchat hackers expose details of 4.6 million users

Hackers have posted the usernames and mobile phone numbers of 4.6 million US Snapchat account holders online

Hackers have posted the usernames and mobile phone numbers of 4.6 million US Snapchat account holders on a website called

Snapchat is a mobile app that allows users to send and receive "self-destructing" photos and videos.

But the last two digits of the users' phone numbers were censored and the website has been taken down, although a cached version is still available, according to the BBC.

The hack comes days after Australian firm Gibson Security warned that hackers could exploit vulnerabilities in the Snapchat app.

The hackers said they had exploited the security flaw highlighted by Gibson Security. "We used a modified version of gibsonsec's exploit/method," they were quoted as saying by Tech Crunch.

The hackers said their aim was to raise public awareness around the issue, and also put public pressure on Snapchat to get the exploit fixed.

“It is understandable that tech startups have limited resources, but security and privacy should not be a secondary goal. Security matters as much as user experience does,” they told Tech Crunch.

In a report published on 25 December 2013, Gibson Security warned that a vulnerability on the Snapchat app could be used to reveal the phone numbers of users.

The report said Snapchat had been alerted to this possibility four months ago, but had taken no steps to improve security.

Snapchat acknowledged the vulnerability in a blog post on 27 December, but said it had implemented “various safeguards” to protect user data.

The hackers who published the Snapchat user data said the vulnerability still exists, making it possible to harvest user data on a large scale.

Snapchat has yet to respond to requests for comment and information on what steps it plans to take to ensure user data is safe.

Read more on Hackers and cybercrime prevention

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

The daily reports of online data theft is getting ridiculous. Or way too serious. It's time we fix the problem for real or just admit we've failed miserably. Then we can post everyone's most personal data in a huge, wide-open database. That would save a lot of time and eliminate everyone's false false sense of security.

Why aren't any very private, very stuffed Swiss bank accounts ever hacked? Why aren't the coffers of the 1% drained on an ongoing basis? Why don't we just do whatever it is they do and fix the problem....
Any social media site is going to be a target. Too many people can't live without them and give up so much personal data they make prime targets... Why do we make things easier for the hackers.

I can’t say that I’m surprised. The bigger you get, the bigger target you become.