A few short hours ago, a repository of photos from the iOS and Android app Snapchat appeared on the website 4/chan, along with the usernames and passwords of the affected accounts attached to each pic.
There are two possible culprits in this caper, and surprisingly, neither of them are Snapchat themselves. Instead, the problem probably came from either SnapSave and SnapSaved, applications designed to give users a way to take and save snapshots inside the hugely popular photo-sharing app.
All told there are around 200,000 photos of both men and women, none of whom have had their age confirmed, which could potentially turn this case from a simple act of hacking into child pornography distribution charges, though that side of the story will only come out as more details around the initial breach are analyzed and confirmed.
Snapchat was quick out of the gate to squash any rumors that their offices had been hacked, making sure to emphasize that the company never stores any data longer than the 10 second limit that their users can impose on each message.
4chan had been abuzz for weeks about a “new photo leak” on the horizon, and with the fires of ‘The Fappening’ just starting to cool, many were hopeful there was another cache of celebrity pics in the pipeline.
While Snapsave (sans the “d” and the “.com”) claimed they never store username and password data in a statement to Endgadget, they were also unable to prove that it wasn’t their servers which had been breached.
“Our app had nothing to do with it and we’ve never logged username/passwords”, said SnapSave representative Georgie Casey.
That in mind, the more likely of the two suspects is SnapSaved.com, which was originally created as a website which could pose as the mobile app on your desktop, allowing you to save, store, and recall any photos that had passed through your account free of charge.
The idea didn’t last for very long though, staying active for just a few short months after only attracting a painfully low number of users in the amount of time they kept the servers live. SnapSaved has since shut down its operations, and the website now redirects to a Danish e-commerce website hawking TV antennas and set-top boxes.
Unlike Snapchat, SnapSaved made the mistake of storing every single picture that passed through their network, and in doing so created an easy-to-access database of people’s personal moments that caught them in all various sorts of undress.
Snapchat is racing to mitigate the damage, throwing lawsuits in the faces of all the websites currently hosting the file that contains the master file. That said, it’s pretty much like throwing a cup of water on a barn fire at this point, as more and more torrents continue to pop up on the hour containing both the photos and the credentials of the users who sent them.