In a much belated blog post, Snapchat finally apologizes for the large security breach of the app, which left 4.6 million usernames and numbers accessible for hackers to find and distribute.
The software company first acknowledged the data leak during an announcement on January 2, 2014, but offered not so much as an apology, but an I told you so. In that same blog post, the company admitted to knowing about a report detailing the Find Friend security flaw in August of 2013 – a finding that should have alerted the company to potential hacks, and subsequent changes.
However, Since Snapchat chose to ignore those warning, the same security researchers, or “attackers,” released the app’s API to the public as a second warning, which was also largely ignored, and hidden in a small blog post on December 27, 2013, called Finding Friends with Phone Numbers:
Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse.
As many users were quick to criticize, the countermeasures were insufficient as was the inappropriately small alert, which led to the actualization of the theoretical security breach of the app within days.
It’s been a long and stubborn journey to this small apology today, which, was titled Find Friends Improvement, rather than, We Are Sorry:
Our team continues to make improvements to the Snapchat service to prevent future attempts to abuse our API. We are sorry for any problems this issue may have caused you and we really appreciate your patience and support.
For those still using the service, you may have noticed an update to the app this morning that lets you unlink your number from the app. Just go to settings >Mobile#.