As we become more and more reliant on cloud based services, privacy breaches could become increasingly commonplace with our personal data at risk of being seriously compromised.
The latest point in case involves the phone numbers and usernames of a staggering 4.6 million US and Canadian Snapchat users being leaked via the SnapchatDB site which is providing access to a database with 4.6 million Snapchat user IDs and phone numbers.
Thankfully some sanity has prevailed as SnapchatDB confirms they've censored the last 2 digits of phone numbers. This said, they've also said that people should "feel free" to contact them for an uncensored version of the database, which they say they are prepared to release under "certain circumstances".
Although phone numbers have been censored, usernames have remained unchanged, which is concerning as many people tend to use the same username for multiple online services, which opens up the prospect of people finding phone numbers associated with other online services or figuring out the phone numbers of people they wish to contact from the leaked data.
The leak comes only weeks after security researchers Gibson Security claimed to have discovered a security hole in the Snapchat in August. After Snapchat failed to respond to the problem, Gibson Security published details of the Snapchat app's private API, and showed how someone could check 10,000 phone numbers in just seven minutes. Now it appears that someone had indeed exploited the security hole before Snapchat closed it.
Snapchat had since conceded that in theory, it would be possible to upload a large set of phone numbers such as phone numbers in an entire US area code to match usernames to telephone numbers, But also stated that they'd put safeguards in place to prevent this from happening. Clearly these obstacles were not insurmountable.
Although the SnapchatDB site has been pulled, it has shown how little control we have over what happens to personal information once it is submitted to an online service. As we store an ever-increasing amount of data online, our exposure to security breaches doesn't look set to decrease any time soon, and there is little the average person can do aside from using unique user IDs and passwords for each online service they subscribe to.