SnapchatDB: My Interview with the people behind the Snapchat Hack, Publishing Information of 4,6 Mio Users

snapchatdb

Recently, famous instant messaging service Snapchat was hacked, resulting in the public release of the information of 4.6 Million users on a website called SnapchatDB.info (currently offline, view in Google Cache).  I conducted an interview via Bitmessage with the authors of the hack, asking for their motivation and their view on privacy in social networks and the internet. Here it is:

1. You are getting big buzz for hacking and publicitly releasing the information of 4.6 Million Snapchat users. What was your motivation for the hack, and why did you choose to release the information to the public (instead of selling the data or sharing them just with Snapchat)?

We value privacy and we want companies to share our values. Granted, startups have limited amount of resources but security should never be a secondary goal. User experience is highly correlated with security. Our motivation behind this release was to raise the public awareness on the issue, and also put public pressure on Snapchat to get this exploit fixed.

2. How hard was it to get to this data?

Gaining access to this information is really easier than it should be, it still is, even after this leak, and Gibsonsec’s warnings and attempts to get in touch with Snapchat. The exploit still persists, and is unpatched.

3. In your opinion, how should companies and hackers relate? Do you see form of fruitful cooperations, e.g. rewards beeing offered for exploit not made public?

There are already existent programs that reward hackers in case they discover exploits and report them to companies. Snapchat currently doesn’t have such a program, but maybe they will in the future.

4. What is your advice for tech companies? What should they do to ensure privacy of their users data?

Our advice to tech companies would be to pay more attention to privacy and security, especially if they have a large userbase and if they are holding sensitive information.

5. What is your advice to users, especially for their use of social media tools and messengers? How can we make sure our private information is kept private?

I would advice the users to share articles regarding this leak on social media as much as possible to raise awareness.

6. What is your view on the future of social media and the internet in general, especially regarding privacy issues as demonstrated in hacks, and especially, the revelations about NSA activities?

When it comes to the recent NSA revelations, there is not much to say. Governments are clearly overstepping their boundaries. Privacy is an essential human need, and trying to take it away from the people by spreading fear, uncertainty and doubt is against the very fundamentals of democracy. Governments are for people, people aren’t for governments.

Thanks for the interview!

Update
The interview has been quoted on Techienews.co.uk and Internet Patrol. Thanks for sharing!