Dec 27

Finding Friends with Phone Numbers

Occasionally computer security professionals and other helpful people reach out to us about potential bugs and vulnerabilities in Snapchat. We are grateful for the assistance of professionals who practice responsible disclosure and we’ve generally worked well with those who have contacted us.

This week, on Christmas Eve, a security group posted documentation for our private API. This documentation included an allegation regarding a possible attack by which one could compile a database of Snapchat usernames and phone numbers. 

Our Find Friends feature allows users to upload their address book contacts to Snapchat so that we can display the accounts of Snapchatters who match the phone numbers found in the address book. Adding a phone number to your Snapchat account is optional, but it’s helpful for allowing your friends to find you. We don’t display the phone numbers to other users and we don’t support the ability to look up phone numbers based on someone’s username.

Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way. Over the past year we’ve implemented various safeguards to make it more difficult to do. We recently added additional counter-measures and continue to make improvements to combat spam and abuse.

Happy Snapping!

  1. sabrinabizzleeckrichjb reblogged this from snapchatme
  2. hctr31690 reblogged this from snapchatme
  3. edithigunborxxx123 reblogged this from snapchatme
  4. rudy-calmez reblogged this from snapchatme
  5. fourfatasses reblogged this from halcy
  6. camylleme reblogged this from snapchatme
  7. mellow937 reblogged this from snapchatme
  8. mesodoll reblogged this from halcy and added:
    snapchat was compromised. might not be a bad idea to look at your account to see what’s up
  9. cmlh reblogged this from snapchatme and added:
    Since I have some experience in disclosing vulnerabilities in Social Media I would agree with SnapChat’s position in...
  10. wonder-meathead reblogged this from jessesbizarreventura and added:
    >expecting big name companies with millions of dollars and high paid lawyers to actually give a fuck about you, or your...
  11. jessesbizarreventura reblogged this from halcy
  12. halcy reblogged this from snapchatme and added:
    This is so amazing. Step 1: Security researchers find huge holes in Snapchat (Refresher: Snapchat are the “ephemeral...
  13. gloria1234love reblogged this from snapchatme
  14. katiekadwell reblogged this from snapchatme
  15. scotland-broseph reblogged this from snapchatme and added:
    Okay, except our phone numbers are published on the internet. How are you going to fix that?
  16. grantstavely reblogged this from snapchatme
  17. whycanttherebesilence reblogged this from snapchatme
  18. stevenewton reblogged this from snapchatme
Snapchat is lovingly built in Los Angeles, California.