Snapchat belatedly issues patch – and apology – for Dec. breach
After a big breach in December, Snapchat has finally lurched into gear.
Reuters
Back in late December, the Australian group Gibson Security released a report on the vulnerability of Snapchat, the popular messaging application. The names and phone numbers of Snapchat users, Gibson Security researchers alleged, could be easily obtained through gaping holes in the iOS and Android application programming interfaces, or APIs.
A couple days later, a group of anonymous hackers used those holes to expose the personal information of 4.6 million Snapchatters. In response, Snapchat said it would employ "additional counter-measures" to prevent further hacks.
And today, the company – which recently received a valuation of $3.5 billion – has released an updated version of its Android and iOS apps. The update allows users to opt out of associating their phone numbers with their username, and "improves [the] Find Friends functionality," the same feature that Gibson Security highlighted as particularly susceptible to breaches.
"Our team continues to make improvements to the Snapchat service to prevent future attempts to abuse our API," reps for Snapchat wrote in a post on the company blog. "We are sorry for any problems this issue may have caused you and we really appreciate your patience and support."
But has the damage already be done? Over at Yahoo, Jeff Macke wonders why it took founder Evan Spiegel so long to respond to the initial Gibson Security report.
"If the Internet has taught us anything about user masses its that they tend to be fickle. It doesn’t take much for an app to lose its mojo and there’s another 'Next Big Thing' right around the corner," Mr. Macke writes. "Snapchat’s breach and response call into question whether Spiegel is a Zuckerbergian wunderkind or 23-year old wise-ass. If its the latter it calls into question whether Snapchat has much to offer beyond fleeting appeal and buzz."