The Inquirer-Home

Snapchat snaps at hacking attack chat

Will update its app
Fri Jan 03 2014, 09:39
snapchat-logo

SELFIE SHARING APP Snapchat will update its software in the wake of a hacking attack that exposed more than four million usernames and phone numbers.

The website was attacked earlier this week, and breached through a vulnerability that had been discussed by a security company but dismissed by the firm.

Since that first dismissal and the announcement of the security breach the firm has taken the matter more seriously and is now in the process of updating its application to be more secure and less open to exploitation.

"We acknowledged in a blog post last Friday that it was possible for an attacker to use the functionality of Find Friends to upload a large number of random phone numbers and match them with Snapchat usernames. On New Years Eve, an attacker released a database of partially redacted phone numbers and usernames. No other information, including Snaps, was leaked or accessed in these attacks," it said.

"We will be releasing an updated version of the Snapchat application that will allow Snapchatters to opt out of appearing in Find Friends after they have verified their phone number. We're also improving rate limiting and other restrictions to address future attempts to abuse our service."

The firm does not seem to be particularly happy with Gibson Security, the outfit that blogged in detail about its vulnerabilities. In its blog it suggests that none of this would have happened without the disclosure.

"A security group first published a report about potential Find Friends abuse in August 2013. Shortly thereafter, we implemented practices like rate limiting aimed at addressing these concerns," it added.

"On Christmas Eve, that same group publicly documented our API, making it easier for individuals to abuse our service and violate our Terms of Use." µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Masque malware is putting iPad and iPhone user data at risk

Has news of iOS malware made you reconsider getting an iPhone?