Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 23 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Snapchat plans update after user data leak

by The Gurus
January 3, 2014
in Editor's News
Share on FacebookShare on Twitter

Snapchat has announced that it is to release an update to its application to address and reduce abuse opportunities after user details were leaked online.

According to a blog post by the company, the ability to enter a phone number to enable users to find friends was introduced after the launch of the application, and it was informed about potential abuse of this feature by Gibson Security in August 2013.
“Shortly thereafter, we implemented practices like rate limiting aimed at addressing these concerns. On Christmas Eve, that same group publicly documented our API, making it easier for individuals to abuse our service and violate our Terms of Use,” it said. Gibson Security denied any involvement in the hacking.
Snapchat confirmed that even though an attacker released a database of partially redacted phone numbers and usernames, which could be correlated to find users, no other information was leaked or accessed. The planned update will allow users to opt out of appearing in Find Friends after they have verified their phone number, and it is improving rate limiting and other restrictions to address future attempts to abuse the service.
“The Snapchat community is a place where friends feel comfortable expressing themselves and we’re dedicated to preventing abuse,” it said.
On New Year’s Eve, attackers published the details of 4.6 million Snapchat users, with the last two digits of each phone number redacted. The site was later taken down, but those behind it said that it was published to “raise awareness” of the issue.
Tim ‘TK’ Keanini, CTO at Lancope, said: “Just in the past month, it seems that the frequency of account comprises are so high that people are having to change their passwords on a weekly basis.  This is not sustainable.  How bad does it have to get before it starts getting better?
“The more users you have in your online system, the more attractive you are to the advanced threat. They will work all day and all night to penetrate your systems and in turn, you must work all day and all night to ensure that you defend your system. At some point, product managers of these systems will prioritise security related features over all the other features in the backlog and make it happen sooner than later. Until then, there will be many more stories like this and good luck having to change your password for an upward of 50+ accounts on a weekly basis.”
FacebookTweetLinkedIn
Tags: Applicationdata breachmobile
ShareTweetShare
Previous Post

FireEye's $1 billion deal for Mandiant

Next Post

FireEye acquires Mandiant for $1bn to detect and resolve attacks

Recent News

Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023
Ferrari Data Breach: The Industry has its say

Ferrari Data Breach: The Industry has its say

March 22, 2023
security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023
Organisational Cybersecurity.jpg

How Emerging Trends in Virtual Reality Impact Cybersecurity

March 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information