Snapchat Security Glitch: Why photo app Snapchat could trigger massive international security breach

Snapchat lovers might have to stop using this popular app altogether if they find out what researchers have discovered.

Researchers from Gibson Security reported that hackers could easily connect Snapchat accounts to names and phone numbers of its owners due to a security loophole they discovered in the app's coding and application programming interface or API.

Snapchat is a phone application that allows users to take and send photos and videos that are only available for viewing for a maximum of 10 seconds. The pictures and videos also vanish once they are opened.

People could pay a few dollars and obtain the phone number and social media profiles of a person, just by their username," said Gibson Security in their report.

Authorities from Gibson Security had informed Snapchat of the situation in August 2013 but the software makers ignored the claim and did not openly make a move to rectify the glitch. 

Gibson Security analysts explained that the photo messaging application's users could have their aliases, names and phone numbers stolen through Snapchat and iOS API. Users who put their account in 'private' are not exempted from this breach, according to ZDNet. Researchers from Gibson Security theorized that by taking advantage of this glitch, it is possible for hackers to "automatically build profiles about users, which could be sold for a lot of money."

They also added that these hackers could attempt to operate a service like ssndob.cc where it is possible to buy people's phone numbers and social media profiles just by paying a certain amount.

Gibson Security's main concern, however, is that with the phone app's popularity, hackers could use this for stalking and scamming purposes. 
The authorities confirmed that a person can easily get someone's contact details if he or she has an idea where they live. 

Snapchat recently rejected an offer from Facebook for a US$3 billion buyout last November, which authorities from Gibson Security claim proves that a higher value could be obtained through the illegal selling of user profile database. 

Real Time Analytics