Snapchat has found itself in some pretty hot water after a group of anonymous hackers on New Year’s Eve breached its database and leaked 4.6 million usernames and phone numbers on the web. The controversy wasn’t necessarily about the security breach itself, but over Snapchat’s stubborn refusal to publicly acknowledge the situation, apologize for the inconvenience and update customers on steps taken, if any, to rectify the situation.
It’s mind-boggling that Snapchat was aware of a security hole in its API for several weeks yet did absolutely nothing to plug it, an inexplicable move that has in turn allowed the hackers to successfully exploit Snapchat’s shortcomings and steal user data.
Today, the company has finally gone on the record to confirm that a new update to its Android and iOS apps improves security by letting folks opt out of the Find Friends feature which has, partially, allowed for the hack.
And although the company has yet to formally apologize for the messy handling of the situation, it now says it’s “sorry” for any problems this issue may have caused its users…
Here’s Snapchat’s full response, via its official blog:
This morning we released a Snapchat update for Android and iOS that improves Find Friends functionality and allows Snapchatters to opt-out of linking their phone number with their username. This option is available in Settings > Mobile #.
This update also requires new Snapchatters to verify their phone number before using the Find Friends service.
Our team continues to make improvements to the Snapchat service to prevent future attempts to abuse our API. We are sorry for any problems this issue may have caused you and we really appreciate your patience and support.
A security update the team is referring to is now live in the App Store.
Just a few days ago, the company in another blog post blamed the data leak on an abuse of its service.
Firstly, today’s blog post fails to offer a formal apology for not responding to the security breach in a timely and transparent manner, for which they took a lot of heat and earned themselves bad press.
And secondly, the Snapchat mobile apps now offer a workaround solution (concerned about other people knowing your phone number? Opt-out of the Find Friends service!), but we’re still left in the dark as to what exactly is being done in terms of backend security.
We don’t know how secure our Snapchat data is on their servers and what steps are being taken to prevent future breaches, and that’s an unsettling thought.
If you’d rather opt-out of Snapchat completely, I have a quick guide up explaining how to delete your Snapchat account and associated data.