4.6 million phone numbers, is one of them yours?
While the siteÂ crumbled quickly under the weight of so many people trying to get to the leaked dataâ€”and has now been suspendedâ€”there isn’t really such a thing as putting the genie back in the bottle on the Internet.
Just before Christmas the Australian based Gibson SecurityÂ published a report highlighting two exploits in theÂ SnapchatÂ API claiming that hackers could easily gain access to usersâ€™ personal data. Snapchat dismissed the report,Â respondingÂ that,
Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way.
Adding that they had various “safeguards” in place to make it difficult to do that. However it seems likely thatâ€”despite being explicitly mentioned in the initial reportÂ four months previouslyâ€”none of these safeguards included rate limiting requests to their server, because someone seems to have taken them up on their offer.