13 Oct 2014

Alleged victims of Snapchat hack named online

A document containing usernames of alleged victims of the hack of Snapchat-related services has been posted online, meaning people linked to 2,000 private images may be identifiable.

More than 90,000 files, many explicit, were released on Sunday night via social media networks after a hack of third-party services relating to the picture sharing app Snapchat.

Channel 4 News has now found that a document containing 300 usernames linked to the hacked images has been uploaded online.

The document was uploaded to a text-sharing website and has been viewed more than 6,000 times.

2,000 images could be linked to these usernames and then to the people’s real identities – if they use the same username elsewhere online.

These 2,173 images are linked to 320 individual users who are potentially identifiable by their friends, or simply by having used the username elsewhere on the web.

Snapsaved

Snapchat allows users to send photos that delete after a certain amount of time designated by the sender, on their phone or mobile device.

But some apps or websites such as Snapsaved allow the person who receives the photos to save the image for a repeated viewing.

In an unsigned statement posted on Facebook, Snapsaved said: “I would like to inform the public that snapsaved.com was hacked. SnapChat has not been hacked, and these images do not originate from their database. The majority of our users are Swedish, Norwegian and American.”

The spokesperson said the the breach was much smaller than first thought, and may involve substantially less than 90,000 files.

“As soon as we discovered the breach in our systems, we immediately deleted the entire website and the database associated with it. As far as we can tell, the breach has affected 500MB of images, and zero personal information from the database.”

But among the usernames seen by Channel 4 News are people of many nationalities, including a large number of Scandinavian users.

One of the usernames is linked to 182 images, while more than 20 usernames have had more than 20 images saved.

Snapchat said: “We can confirm that Snapchat’s servers were never breached and were not the source of these leaks.

“Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security.”

Child pornography

People who have downloaded the file of images have reported that it contains a large amount of child pornography.

Some of the usernames include the numbers ’98’ and ’99’ at the end of their username, which if indicating a date of birth would suggest the user could be under 16.

It’s unclear whether these usernames relate to the user who sent the image, or the user who received and saved the image, but it is thought that a number of the images are explicit.

The mass hack, which is being called the Snappening, comes just weeks after hundreds of naked celebrity photos were leaked after an iCloud hack.