Snapchat users beware: someone has posted the phone numbers and usernames of more than 4.6 million accounts on the site SnapchatDB, freely available as an SQL dump or CSV text file for anyone to download. The last two digits of each phone number have been censored “in order to minimize spam and abuse,” but the owner of the database says that “under certain circumstances,” the site might be willing to release the uncensored records.
This giant leak comes just days after Gibson Security’s latest interview in which the company warns of Snapchat’s vulnerabilities. According to Gibson Security, the Snapchat team had taken far too long to address some very serious issues with the coding of the software, and had left the application wide open to exploits that could compromise user information. It has been less than a week since that interview, and now an entire database of phone numbers and usernames is just a click away.
Although SnapchatDB claims that the database represents “a vast majority of the Snapchat users,” The Verge points us in the direction of Reddit, where one user has determined that only 76 of 322 U.S. area codes appear on the list.
“This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue,” says the owner of SnapchatDB. “The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it.”
UPDATE: SnapchatDB.info has been suspended and is no longer available.