4.6 Million Snapchat Usernames and Phone Numbers Leaked [Update]

4.6 Million Snapchat Usernames and Phone Numbers Leaked [Update]

Posted by · 47235 views · Translate

A new website called SnapchatDB! has allegedly leaked 4.6 million Snapchat usernames and phone numbers for Snapchat.

The site is at http://www.snapchatdb.info/ and lets you download the information as a SQL dump and as CSV text.

What am I downloading?
You are downloading 4.6 million users' phone number information, along with their usernames. People tend to use the same username around the web so you can use this information to find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with.

Some more information...
This database contains username and phone number pairs of a vast majority of the Snapchat users. This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue. The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it. For now, we have censored the last two digits of the phone numbers in order to minimize spam and abuse. Feel free to contact us to ask for the uncensored database. Under certain circumstances, we may agree to release it.

Last month, ZDNet reported that Gibson Security had published undocumented developer hooks (API) and code for exploits that allow mass matching of phone numbers with names and mass creation of bogus accounts after Snapchat had ignored their security disclosure since August.

According to the leak, the exploit has recently been patched; however, this probably won't give users on the list much comfort.

Developers Robbie Trencheny and Will Smidlein have created a reverse lookup tool that lets you input your username to see if your account was hacked.

Snapchat has yet to issue a statement. Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.

Update: Snapchat has issued the following statement regarding the breach:
When we first built Snapchat, we had a difficult time finding other friends that were using the service. We wanted a way to find friends in our address book that were also using Snapchat — so we created Find Friends. Find Friends is an optional service that asks Snapchatters to enter their phone number so that their friends can find their username. This means that if you enter your phone number into Find Friends, someone who has your phone number in his or her address book can find your username.

A security group first published a report about potential Find Friends abuse in August 2013. Shortly thereafter, we implemented practices like rate limiting aimed at addressing these concerns. On Christmas Eve, that same group publicly documented our API, making it easier for individuals to abuse our service and violate our Terms of Use.

We acknowledged in a blog post last Friday that it was possible for an attacker to use the functionality of Find Friends to upload a large number of random phone numbers and match them with Snapchat usernames. On New Years Eve, an attacker released a database of partially redacted phone numbers and usernames. No other information, including Snaps, was leaked or accessed in these attacks.

We will be releasing an updated version of the Snapchat application that will allow Snapchatters to opt out of appearing in Find Friends after they have verified their phone number. We’re also improving rate limiting and other restrictions to address future attempts to abuse our service.

We want to make sure that security experts can get ahold of us when they discover new ways to abuse our service so that we can respond quickly to address those concerns. The best way to let us know about security vulnerabilities is by emailing us: security@snapchat.com.

The Snapchat community is a place where friends feel comfortable expressing themselves and we’re dedicated to preventing abuse.

4.6 Million Snapchat Usernames and Phone Numbers Leaked [Update]

4.6 Million Snapchat Usernames and Phone Numbers Leaked [Update]

4.6 Million Snapchat Usernames and Phone Numbers Leaked [Update]

Jim - January 1, 2014 at 10:00pm
Hm, lots of usernames on that list begin with "obama"
Trucker68 - January 2, 2014 at 3:36pm
It's quit disturbing
tzvifiller - January 1, 2014 at 7:45pm
Wow, the NSA really loves iclarified for posting links to this stuff, and maybe apple will ban their app
Grammar vs Freedom - January 1, 2014 at 7:01pm
Your rant about freedom and youngsters was so prolific. Amazing. Simply the best blog comment of 2014. Only thing is, I'd rather be intelligenced, articulated, and the literate than freedomed. Youngsters doesn't understands the thing they don't have for future. Hope NSA like the message this comment. Lol. If the NSA read that... they crossed you off their list of people to spy on. You wouldn't pose much threat.
odedo1 - January 2, 2014 at 6:35am
I'm on every government computer I served in the military for two different countries, Actually I was on a loan to the U.S government as an expert dealing with terror ( been in that mess most of my life ) So for me I really don't care I know the government listens to my calls because we were doing it in Afghanistan on our own people who knew to much or just enough and you are a total fool, paranoid just like America is and Obama is the worst he is all talk and no actions Iran noticed it and play with him just like north Korea did a bunch of promises till it's to late! he is actually letting Iran build nuclear bombs ( they already got the missiles that can reach Europe and parts of the states and that's the reason they took away freedom from us over there and that also means that terror WON in the U.S. And that's one of the reason why I left L.A, Maybe if you got the guts come over here a place where FREEDOM is still means something and still exist even trough we have been fighting terrorism since 1948 and we are good at it we are not surrounded by water like America, we are surrounded by 5 big Muslim countries and more behind them especially Iran ( you see, us normal people believe in living, fanatics believe in death and 72 virgins which makes no sense because by now they are not 72 virgins but more like 72 sluts ) Any way all this countries with their hundreds of millions solders against our couple of millions would love to erase us from this planet they sure tried with many wars which didn't work so they use terror ( The difference between war and terror is that terror is not against solders but against citizens and to kill as many innocent people as possible ) sometime they succeed with a blowing up a bus or blowing themselves around people but you got to understand that every time they succeed once we stopped hundreds of bombing and thousands of terrorists and we do it 24 hours a day 365 days a year without no vacations! The one thing you'll never see here is FEAR people keep going on with their lives like nothing is happening because we believe in our military which provides FREEDOM, we also have no other choices so we got good at it and we are not scared to die for this land!!! And by the way I remember ( because I was there ) that the most important thing for us Americans was privacy nobody could even imagine that it would be taken away so easy, nobody believed that Americans in the land of the free will give away their freedom.
4 More Comments