Snapchat suffers security breach; millions of accounts affected - New York News

Snapchat suffers security breach; millions of accounts affected

Posted: Updated:
  • Must Read HeadlinesMore>>

  • E-Mow: Lawnmower That Runs On Grass

    E-Mow: Lawnmower That Runs On Grass

    A new invention that could make mowing the lawn a little easier...Sean Cummings has been mowing lawns in New York for over 25 years, but recently he says he's been battered by the price of gas.
    A new invention that could make mowing the lawn a little easier...Sean Cummings has been mowing lawns in New York for over 25 years, but recently he says he's been battered by the price of gas.
  • Teacher Defaces Dyslexic Student's Diploma

    Teacher Defaces Dyslexic Student's Diploma

    A teacher is facing termination after defacing the diploma of a student with learning disabilities in Denver, Colorado.But her supporters are voicing their opposition, saying she is a great teacher.One word could cost 18-year teacher Liz Peel her job.She`s accused of scratching out 'completed' and writing in 'attended' on a dyslexic student`s continuation certificate.14-year-old Arias Romero`s mom says Peel and other teachers didn`t feel her son earned the privilege of attending t...
    A teacher is facing termination after defacing the diploma of a student with learning disabilities in Denver, Colorado.But her supporters are voicing their opposition, saying she is a great teacher.One word could cost 18-year teacher Liz Peel her job.She`s accused of scratching out 'completed' and writing in 'attended' on a dyslexic student`s continuation certificate.14-year-old Arias Romero`s mom says Peel and other teachers didn`t feel her son earned the privilege of attending t...
  • Airport mechanic lends helping hand to war vet

    Airport mechanic lends helping hand to war vet

    An airport mechanic lent a helping hand to a war vet, quadruple amputee.Taylor Morris tripped after going through security and needed some help with his prosthetic leg. That's when American Airlines Mechanic, Keith Duffner stepped in.FOX's Danielle Miller has more on the heart-warming moment caught on camera and going viral.
    An airport mechanic lent a helping hand to a war vet, quadruple amputee.Taylor Morris tripped after going through security and needed some help with his prosthetic leg. That's when American Airlines Mechanic, Keith Duffner stepped in.FOX's Danielle Miller has more on the heart-warming moment caught on camera and going viral.

By BARBARA ORTUTAY
AP Technology Writer

NEW YORK (AP) - Snapchat, the disappearing-message service popular with young people, has been quiet following a security breach that allowed hackers to collect the usernames and phone numbers of some 4.6 million of its users.

Company spokeswoman Mary Ritti said Thursday that the company is assessing the situation, but did not have further comment.

The breach occurred after security experts warned the company at least twice about a vulnerability in its system. Snapchat's seemingly detached response is causing some security specialists to wonder whether the young company can handle the spotlight that it's been thrust into over the last year as its service has become enormously popular.

In response to a warning by Gibson Security Dec. 25 -which followed an earlier alert in August- Snapchat said in a blog post last Friday that it had implemented "various safeguards" over the past year that would make it more difficult to steal large sets of phone numbers. Snapchat hasn't detailed the changes it made.

Even so, regarding Snapchat's response, Gartner security analyst Avivah Litan said it "doesn't seem that responsible to be so nonchalant about it."

As Americans rang in the New Year, hackers reportedly published 4.6 million Snapchat usernames and phone numbers on a website called snapchatdb.info, which has since been suspended. The breach came less than a week after the most recent warning from security experts that an attack could take place.

The incident bruises the company's image and may threaten its rapid growth. Los Angeles-based Snapchat has no source of revenue, but its rapid rise to an estimated 20 million U.S. adult users prompted Facebook to extend a reported $3 billion buyout last year. Snapchat's 23-year-old CEO Evan Spiegel turned down the overture. The user number estimate is based on census data and data from the Pew Research Center.

What should users do? Gibson Security, the firm that warned Snapchat of the security vulnerability on Christmas Day, has created a site, - http://lookup.gibsonsec.org/ - that lets users type in their username to see if their phone number was among those leaked. Of two user accounts that The Associated Press checked, one was found to have been compromised.

Gibson Security did not publish the last two digits of the phone numbers.

Gibson says users can delete their Snapchat account if they wish, but "this won't remove your phone number from the already circulating leaked database." Users can also ask their phone company to give them a new phone number.

"Lastly, ensure that your security settings are up to scratch on your social media profiles. Be careful about what data you give away to sites when you sign up - if you don't think a service requires your phone number, don't give it to them," Gibson said.

This was Gibson's second warning to Snapchat, following one in August that the security firm said was ignored.

"Given that it's been around four months since our last Snapchat release, we figured we'd do a refresher on the latest version, and see which of the released exploits had been fixed (full disclosure: none of them)," Gibson wrote on the Gibson Security website.

The Snapchat breach comes just two weeks after Target was hit with a massive data security breach that affected as many as 40 million debit and credit card holders. Litan, said phone numbers are not considered "sensitive" personally identifiable information - such as credit card or social security numbers - so they are collected by all sorts of companies to verify a person's identity.

A phone number is "not as bad as password or magnetic strip information, but it's the piece of the puzzle that criminals need to impersonate identities," she said.

Christopher Soghoian, principal technologist with the American Civil Liberties Union, agreed.

"The main problem was that they ignored a responsible report by security researchers," he said, adding that his concern is not with the specific database of information that was released, but that Snapchat has "demonstrated a cavalier attitude about privacy and security."

Many people use Snapchat because it feels more private than other messaging apps and social networks. Users can send each other photos and videos that disappear within a few seconds after they are viewed. While the recipient can take a screenshot of the message, a big draw of Snapchat is its ephemeral nature.

"This probably won't be the last problem with Snapchat," Soghoian said. Companies like Microsoft and Google, he added, actively court security researchers and even pay bounties for people to expose flaws in their systems.

"Snapchat may be too small to pay bounties, but they certainly should be treating researchers with respect and addressing issues as soon as they are told about them," he said.

Copyright 2014 The Associated Press modified.

Didn't find what
you were looking for?

  • Local NewsLocal NewsMore>>

  • Officials: Piece of jet fell onto Long Island yard

    Officials: Piece of jet fell onto Long Island yard

    Saturday, August 23 2014 2:33 PM EDT2014-08-23 18:33:40 GMT
    Authorities are trying to figure out how if a metal part from a jet airliner fell out of the sky and landed in a Long Island yard.
    Authorities are trying to figure out how if a metal part from a jet airliner fell out of the sky and landed in a Long Island yard.
  • Thousands march in Staten Island to honor Eric Garner, Michael Brown

    Thousands march in Staten Island to honor Eric Garner, Michael Brown

    Saturday, August 23 2014 1:35 PM EDT2014-08-23 17:35:39 GMT
    Thousands of protesters packed in cars and caravans, crossed over the Verrazano-Narrows Bridge Saturday to protest the death of Eric Garner, the man who died last month after being put in a chokehold by an NYPD officer.
    Thousands of protesters packed in cars and caravans, crossed over the Verrazano-Narrows Bridge Saturday to protest the death of Eric Garner, the man who died last month after being put in a chokehold by an NYPD officer.
  • Police: 5 suspects wanted in Central Park attack

    Police: 5 suspects wanted in Central Park attack

    Saturday, August 23 2014 12:27 PM EDT2014-08-23 16:27:52 GMT
    Police are looking for five suspects in a Central Park pellet attack they're investigating as a hate crime.
    Police are looking for five suspects in a Central Park pellet attack they're investigating as a hate crime.
Powered by WorldNow
Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | New Terms of Service What's new | Ad Choices