Hackers claim to reveal millions of Snapchat usernames and phone numbers

A website called SnapchatDB has made available for download what they claim is a database of 4.6 million Snapchat users, revealing usernames and phone numbers.

Snapchat numbers

An obvious concern is that many people on the internet adopt the same username on multiple services, perhaps making it easy for unauthorised parties to determine the private phone numbers of – say – Twitter or Facebook users.

And, of course, it’s possible that you have been flirting with someone via Snapchat that you *didn’t* want to have access to your phone number. Snapchat, you will remember, is designed to let you send a sexy snap that is only supposed to be viewable for a few seconds before it is destroyed).

Sign up to our free newsletter.
Security news, advice, and tips.

SnapchatThe database’s release is further bad news for the popular iOS and Android app, which just before Christmas caught the attention of an Australian security group who published an API detailing how to access any phone number and username from the smartphone photo-sharing service beloved by sexting teens.

The group, who went by the name of Gibson Security, claimed they had been provoked by Snapchat who they felt had ignored the privacy hole which had been first disclosed in August 2013.

On December 27, Snapchat said that they had “implemented various safeguards” and “additional counter-measures” to make it more difficult for hackers to scoop up the details of users.

The database of 4.6 million usernames and phone numbers was, according to the people behind the website, done to “raise awareness” of the exploit.

This database contains username and phone number pairs of a vast majority of the Snapchat users. This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue. The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it.

The only modicum of comfort for affected users is that the last two digits of their phone numbers have been redacted from the downloadable database, although that may still be enough to help pinpoint a user’s approximate location and – worryingly – the anonymous hackers behind the SnapchatDB website say that under certain cirumstances they may be prepared to release it.

At least one website – www.snapcheck.org – has been created, claiming to help Snapchat users determine if their details might have been exposed by the privacy breach.

Be careful out there.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.