Hackers are threatening to post online a large collection of photos, including nude images, sent by Snapchat users and apparently intercepted via third-party apps, Business Insider is reporting. The number of photos in question — at least 100,000 — is much larger than number of the nude celebrity photos stolen from Apple’s iCloud earlier this year. Many images are likely to be of users under the age of 17.
Snapchat’s photo messaging app lets users send and receive photos, videos and drawings with a designated time limit for viewing. After that time expires, the content is supposed to be removed from view and deleted from Snapchat’s servers. However, a number of third-party apps allow users to save content.
Snapchat, based in Los Angeles, so far today has posted two tweets on the matter. One noted, “We can confirm that Snapchat’s servers were never breached and were not the source of these leaks.” A second tweet sent shortly afterward added, “Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our ToU (terms of use).”
Half of Users Ages 13-17
The 13 GB worth of hacked Snapchat photos are reportedly being assembled into a searchable database to be posted on the chat forum 4chan. Business Insider posted screenshots from 4chan showing users discussing the photos. The report also noted that discussions on 4chan indicated that the third-party app SnapSaved was apparently the source of the photos.
The database of photos had reportedly been posted on another site but has since been taken down, by which point many users had already downloaded the images.
According to the media marketing site Digiday, Snapchat claims to have more than 30 million users who send 700 million pictures and videos every day. About half of Snapchat’s users are between the ages of 13 and 17, it added. We contacted Snapchat for comment but did not receive a response from the company.
FTC, EFF Complaints
This is far from the first time Snapchat has found itself in hot water for its handling of user content. In May, the company settled with the U.S. Federal Trade Commission (FTC) on charges that it had misrepresented how much personal data it collected from users, and what security measures it used. Under the terms of the settlement, Snapchat will have to implement a comprehensive privacy program, which will be monitored by an independent privacy expert for the next 20 years.
The Electronic Frontier Foundation (EFF), an advocacy organization that works on civil liberty issues in the digital realm, gave Snapchat just one out of six star in its annual “Who Has Your Back” report earlier this year, noting that the company does not require a warrant for government access to its users’ content.
Late last year, Snapchat was also the target of another data breach. In that case, a hacker published some 4.6 million Snapchat usernames and phone numbers. However, it turned out that the company had been warned about a possible vulnerability months earlier but had done nothing.
We reached out to the EFF for its reaction to the latest Snapchat news. “Events like this underscore that it is not enough to take a company’s word that their messaging app is ‘secure‘ or ‘private,'” technology projects director Peter Eckersley told us. “If we want secure ways to communicate with each other, the code for these systems will need to be well-designed, open, and verifiably audited.”
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.
