Snapchat suffered a major security breach on New Year’s Eve when a reported 4 million usernames and passwords were collected by hackers. Snapchat had been warned twice by security experts about a vulnerability in its system, according to Yahoo News.
Snapchat is a private company that has marketed itself on being a more secure alternative that Facebook and Instagram. It lets users send photo and video messages that disappear once viewed. According to the New York Times, users of the self-destruct message service were sending 350 million photos a day in September –increased from 200 million in June.
Related content: Are Instagram and Snapchat safe for Kids?
Security researchers were not convinced that the app actually deleted information. The hackers who stole the usernames and passwords from Snapchat were actually security researchers with Gibson security who were able to hack into Snapchat’s servers and find the data that had been stored in a database similar to other big internet companies.
The security researchers posted the hacked information onto a website called SnapchatDB.info after privately warning Snapchat about the weakness in its system. The researchers then posted a warning about the security hole online on Christmas Eve after the notice was ignored. Snapchat did patch the hole in the system but it didn’t do enough. The data was not encrypted nor were there any basic security measures in place to prevent hacking.
The usernames and passwords put online in the data dump on New Year’s Eve had the last two digits of phone numbers removed. Snapchatdb.info has since been suspended for the data dump, but not before word spread of the breach.
The breach severely tarnishes Snapchat’s reputation and image. It could threaten the company’s rapid growth.
Gibson Security says users can delete their Snapchat accounts and ask their phone company to change their phone number in order to protect their information. Although, they warn that deleting the account won’t remove information from the leaked database information.
“Ensure that your security settings are up to scratch on your social media profiles. Be careful about what data you give away to sites when you sign up –if you don’t think a service requires your phone number, don’t give it to them,” Gibson told the Associated Press.
Snapchat is trying to reassure users’ that is has adopted security measures that would prevent spam and abuse. They also claim they are working to prevent “future attempts to abuse our service.”