It has been reported that 4chan hackers have hacked into at least 100,000 Snapchat images sent via unofficial third party apps.
Snapchat have tweeted a response to the claims by hackers that ‘Snapchat’s servers were never breached and were not the source of these leaks.’ Snapchat seemed to put the responsibility on the users by stating the users were ‘victimised by their use of third-party apps.’ The company then go on to confirm that this is something they prohibit in their Terms of Use.
Mark Kraynak, director of product management at Imperva, said this incident showed the underlying risk of using third party apps, “Many websites use third-party applications and expose their entire customer base to that same risk. This underscores the need for an external solution that can protect entire application as opposed to relying on the application to protect itself, which is something that you can’t be assured of if you don’t own the application.”
Mark James, security specialist, ESET said that the nature of Snapchat lulls the user into a false sense of security, “The very concept of Snapchat leads the user to believe that their photos or videos are deleted very quickly after they have been shared. In 2013 a complaint with the federal trade commission stated this was not the case and this info could in fact be retrieved after the time limit expired. The user however will still use the app believing they are safe from hackers as Snapchat servers hold no information that could be hacked or compromised.”
“This incident again showed that it’s all about perception of what is secure and what is not. The best advice I can offer in this case and the next “when it happens” is do not use your smartphone or tablet to take images of you or your partner if you want them to remain private.”
Fred Touchette, manager of security research at AppRiver pointed out that most people simply do not understand the nature of the internet. “People are very concerned with their privacy, and rightly so. However a lot of people fail to grasp the concept that the internet is not a very private place. The best way to keep those photos safe is to not post them anywhere online, even if you think that server in the cloud is only for your eyes only.”