The photo and video sharing app, Snapchat has reportedly been hacked. Not just that, the login credentials of compromised accounts are also available at a site called Snapchatdb.info. Although the site isn’t working for some at the moment, I was able to track down the zip file containing the hacked data on a very popular torrent site.
Last week, Gibson Research reported about the vulnerability in the Snapchat database. It also noted down that this security loophole had been around for last four months, and could be fixed with a dozen line of codes, but evidently Snapchat didn’t find it alarming enough.
Snapchatdb.info hosts the compromised data of about 4.6 million people, which can be downloaded as an SQL dumb or a CSV text file. The site says,
For now, we have censored the last two digits of the phone numbers in order to minimize spam and abuse. Feel free to contact us to ask for the uncensored database. Under certain circumstances, we may agree to release it.
The site seems inaccessible for now, but we don’t know if it will stay that way forever. As part of reporting, I looked into the popular torrent site The Pirate Bay, and found the compromised database files there.
To check if your account was a part of the 4.6 million hacked accounts, you can use Snapchat checker script, and change your password as soon as possible, as a security measure. The founders of Snapchat recently declined the $3 million accusation offer from Facebook.
Snapchat hasn’t officially made any statement yet. We will update the post with more information as we get it.