This is the third time this year that Snapchat has been breached
(Updated with comment from Snapchat)
2014 seems to be turning into something of a test for Snapchat: can the service remain a hot commodity even though it seems to be fending off waves of hackers and spammers? Will users continue to trust it, despite all of these breaches? It's a real question, and Snapchat might not like the answer.
There have now been at least three successful attacks on the system in just the last month and half alone. The company is going to have to do something about this or else risk alienating users for good.
This time, Snapchat has been hit by a weight loss company, which sent out pictures of smoothies to the friends of the account it hacked into, it has been confirmed to VatorNews.
"Yesterday a small number of our users experienced a spam incident where unwanted photos were sent from their accounts. Our security team deployed additional measures to secure accounts. We recommend using unique and strong passwords to prevent abuse," a SnapChat spokesperson told me.
The hacking works by gaining access to user accounts, then sending out the pictures along with a link that will send the user to a scam website that sells weight-loss supplements. I would hope that most people would be savvy enough at this point not to click on that link, but obviously not everyone will be.
“It’s mostly cases where someone has your email address and password and gets in on the first try,” a Snapchat spokesperson told The Wire, who first noticed the breachon Tuesday night.
"We’re not seeing any evidence of brute-force tactics.”
Snapchat is also warning users to not use any third-party apps that ask for their login and password information.
VatorNews has reached out to Snapchat to find out if the leak has been fixed and if the source has been identified. We will update if we learn more.
Snapchat experienced its first breach of 2014 New Year's Eve, which resulted in a total of 4.6 million user names and passwords being leaked. The company addressed the leak a couple of days later, but noticeably did not apologize to its users. In fact it took the company a full nine days to finally say that it was sorry.
Then, in mid-January, Snapchat users were hit with a wave of spam. This time Snapchat apologized to users right away.
Part of what is concerning about leaks like these, besides the obvious, is that Snapchat's solutions always seem to be stopping the hackers from gaining information, rather than stopping the hackers themselves.
For the New Year's leak, Snapchat suggested its users opt out of the Find Friends feature. It also said it would be working closely with security groups to give users a better way to report such leaks. For the spam attack, it told users to adjust their settings to determine who can send them Snaps, and recommended setting it to “Only My Friends."
While these solutions may fend off hackers trying to gain access to a user's information and snaps, they do not address the underlying issue of how Snapchat plans to plug these leaks at the source.
(Image source: https://jitterscoffeeduluth.com)