Is Snapchat a Security Sieve?

A New Year’s Eve leak that exposed the usernames and phone numbers of 4.6 million Snapchatters confirmed what researchers had been forewarning since August—Snapchat is a security sieve. Hackers used a public security report, issued by researchers at the Australian-based Gibson Security in August 2013, to download the database of Snapchat user information and publish it as “SnapchatDB.” According to the hackers, their aim was to force fixes and send a message. Message received? With Snapchat’s slow response and so-slow-it-may-never-come apology, it’s hard to say.
Techonomy’s David Kirkpatrick joined Gigaom’s Om Malik on Bloomberg West last week to discuss the Dec. 31 breach and Snapchat’s ensuing PR snafu. While Snapchat did respond to the leak via a Jan. 2 blog post announcing plans to launch a new version of its app that will allow users to opt out of the vulnerable “Find Friends” feature at the center of the breach, it did not say when the new version would be released. Nor did it make any apologies. Malik called the situation a “PR mess,” but continues to see potential for the young company.
Kirkpatrick’s hopes for Snapchat, though, are a lot lower. “I think this company is a very immature company and its leaders are intoxicated with their own seeming overnight success. They have made a number of mistakes,” Kirkpatrick, a contributing editor at Bloomberg, said, referring to earlier reports that Snapchat was offered billion-dollar buyouts from both Facebook and Google. “If they were really offered $3 billion by Facebook or $4 billion by Google and they turned it down, they were idiots.”