A weakness in Snapchat’s developer tools apparently has been discovered and published online. The vulnerability could allow hackers to find individual Snapchat users’ information, whether or not those users keep their accounts private.
Gibson Security, a collective of Australian hackers, published the vulnerability this week, claiming others can use an exploit called “find_friends” to try and match up phone numbers with Snapchat users. If there are any matches, the hacker will get the phone number’s corresponding Snapchat username, display name and information about whether that account is public or private.
The Australian hackers said this vulnerability could be used by others to build a database of Snapchat user profiles and sell them, according to ZDNet. The information, of course, could also be used to stalk individuals.
The group of hackers said they contacted Snapchat about this problem four months ago, but the Los Angeles startup has ignored them.
Gibson Security said it decided to publish its findings online since Snapchat didn’t seem concerned about the problem, which it says could be fixed with just a few lines of code.
Snapchat could not be reached for comment.