About a week ago it was discovered that a group of hackers caught on to undocumented APIs from the popular messaging service SnapChap along with tweak security exploits that expose personal information about its users.
The group of hackers are from Australia and go by the name of Gibson Security and initially talked to ZDNet about their findings.
Today the exploits discovered by Gibson Security have allowed the individual(s) behind SnapchatDB to compile 4.6 million SnapChat records and make them publicly available for viewing on the internet.
The file contains phone numbers, usernames and passwords of over 4.6 million Snapchat users and is available for download as an SQL dump or CSV file. Reportedly the last two digits on the phone numbers are obscured, but if you want access to the unaltered database you simply need to contact SnapchatDB and likely pay a price.
Reports have been coming in that the leaked data only contains area codes in North America. There are two Canadian area codes and only 76 of the 322 available US area codes.
The two Canadian area codes were 867 and 204 (Northwest Territories and Manitoba, respectively).
As for those residing in the US, if your phone number is in any of these states, you’re not in the database:
- Alaska
- Delaware
- Hawaii
- Kansas
- Maryland
- Mississippi
- Missouri
- Montana
- Nebraska
- Nevada
- New Hampshire
- New Mexico
- North Carolina
- North Dakota
- Oklahoma
- Oregon
- Rhode Island
- Utah
- Vermont
- West Virginia
- Wyoming
SnapChat has indeed confirmed the exploit and has since gone on to patch it. The company downplayed the significance of the hack in a recent blog post and stated user information has been recompiled using “the recently patched Snapchat exploit.”
Those who reside in any of the areas that have been effected should change their password immediately.
Huge pile of sticks says
(Psst, it’s “affected”)