Snapchat is ‘sorry’ for data breach, strengthens mobile app security

Jan 9, 2014


Snapchat has found itself in some pretty hot water after a group of anonymous hackers on New Year’s Eve breached its database and leaked 4.6 million usernames and phone numbers on the web. The controversy wasn’t necessarily about the security breach itself, but over Snapchat’s stubborn refusal to publicly acknowledge the situation, apologize for the inconvenience and update customers on steps taken, if any, to rectify the situation.

It’s mind-boggling that Snapchat was aware of a security hole in its API for several weeks yet did absolutely nothing to plug it, an inexplicable move that has in turn allowed the hackers to successfully exploit Snapchat’s shortcomings and steal user data.

Today, the company has finally gone on the record to confirm that a new update to its Android and iOS apps improves security by letting folks opt out of the Find Friends feature which has, partially, allowed for the hack.

And although the company has yet to formally apologize for the messy handling of the situation, it now says it’s “sorry” for any problems this issue may have caused its users…

Here’s Snapchat’s full response, via its official blog:

This morning we released a Snapchat update for Android and iOS that improves Find Friends functionality and allows Snapchatters to opt-out of linking their phone number with their username. This option is available in Settings > Mobile #.

This update also requires new Snapchatters to verify their phone number before using the Find Friends service.

Our team continues to make improvements to the Snapchat service to prevent future attempts to abuse our API. We are sorry for any problems this issue may have caused you and we really appreciate your patience and support.

Love,

Team Snapchat

The security update the team is referring to is now live in the App Store.

Just a few days ago, the company in another blog post blamed the data leak on an abuse of its service.

Two things.

Firstly, today’s blog post fails to offer a formal apology for not responding to the security breach in a timely and transparent manner, for which they took a lot of heat and earned themselves bad press.

And secondly, the Snapchat mobile apps now offer a workaround solution (concerned about other people knowing your phone number? Opt-out of the Find Friends service!), but we’re still left in the dark as to what exactly is being done in terms of backend security.

We don’t know how secure our Snapchat data is on their servers and what steps are being taken to prevent future breaches, and that’s an unsettling thought.

If you’d rather opt-out of Snapchat completely, I have a quick guide up explaining how to delete your Snapchat account and associated data.

  • Jonathan

    Love,

    Team Snapchat

    Not anymore…

  • http://twitter.com/int3nsive Int3nsive

    Every time I see some social network companies promising security and privacy I giggle more than I should…can’t explain why

  • chris125

    They are only sorry because someone put all this information out there because they refused to patch the bug months ago when it was reported, otherwise they would have just left the bug there.

  • Linton Findlay

    no such thing as bad press, all press is good

    • Johannes Mertens

      This isn’t true with modern media anymore. There is indeed bad press which can rip your ass off and ruin your whole life.

  • Osama Muhammed

    I’m not surprised from an app with that icon

  • Michael Jay Delaney

    New: Opt-out of linking your phone number.
    Also New: Must verify phone number.
    What? lol

  • D R

    we’re sorry we didn’t secure our server, even after having the problem clearly spelled out to us months ago, and only bothered to partially fix the problem after we were shamed into doing something after millions of our users had their privacy violated.