NEW YORK – Snapchat, the disappearing-message service popular with young people, has been quiet following a security breach that allowed hackers to collect the usernames and phone numbers of millions of its users.
Company spokeswoman Mary Ritti said Thursday morning that the company is assessing the situation but had no further comment.
As Americans rang in the New Year, hackers reportedly published 4.6 million Snapchat usernames and phone numbers on a website called snapchatdb.info, which has since been suspended.
The breach came less than a week after security experts alerted Snapchat of a vulnerability in its system and warned that an attack could take place.
In response to the warning, Snapchat said in a blog post Dec. 27 that it had implemented various safeguards during the past year that would make it more difficult to steal large sets of phone numbers.
But the measures appear to have fallen short.
The incident bruises the image of a young company that reportedly turned down a $3 billion buyout offer from Facebook last year. According to the Pew Research Centers Internet & American Life Project, 9 percent of U.S. cellphone owners use Snapchat, which amounts to roughly 20 million adults, based on 2012 census data.
The Pew study didnt include users younger than 18, a demographic among which Snapchat is especially popular. The Los Angeles-based company, which has no source of revenue, has not disclosed its own user figures.
What should users do? Gibson Security, the firm that warned Snapchat of the security vulnerability Dec. 25, has created a site – lookup.gibsonsec.org – that lets users type in their username to see if their phone number was among those leaked. Of two user accounts that The Associated Press checked, one had been compromised.
Gibson says users can delete their Snapchat account, but this wont remove your phone number from the already circulating leaked database.
Users can also ask their phone company for a new number.
This was Gibsons second warning to Snapchat, following one in August that the security firm said was ignored.