A website titled SnapchatDB leaked 4.6 million Snapchat usernames and their associated phone numbers and geographical regions earlier today, Forbes is reporting. A team of anonymous hackers reportedly used a ‘Snapchat API exploit’ to compile the database, which was being offered as a SQL database dump (approx. 40MB) or as a CSV file, on http://www.snapchatdb.info/.
The hackers, who used security exploits documented last week by Gibson Security, claim that the database contains username and phone number pairs of a vast majority of the Snapchat users. SnapchatDB also notes that this information “is being shared with the public to raise awareness” on the security loophole, which Snapchat had been ignoring since August and has been too reluctant at patching the exploit.
Instructions on the website say:
“You are downloading 4.6 million users’ phone number information, along with their usernames. People tend to use the same username around the web so you can use this information to find phone number information associated with Facebook and Twitter accounts, or simply to figure out the phone numbers of people you wish to get in touch with.”
It looks like SnapchatDB.info has now gone offline with this message: “This account has been suspended. Either the domain has been overused, or the reseller ran out of resources.”
Snapchat has yet to officially comment on the leak.