Snapchat


In January 2014 just one week after Gibson Security detailed vulnerabilities in the service, Snapchat had 4.6 million usernames and phone number exposed. The attack involved brute force enumeration of a large number of phone numbers against the Snapchat API in what appears to be a response to Snapchat’s assertion that such an attack was "theoretical". Consequently, the breach enabled individual usernames (which are often used across other services) to be resolved to phone numbers which users usually wish to keep private.

Domain Entries Date Breached Hashing Privacy acknowledged?
https://snapchat.com 4,609,615 2014-01-01 N/A Public No

Information leaked

Geographic locations, Phone numbers, Usernames


Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.