By CyberSecurity Watch
The lesson from the Snapchat leaks is uncomfortable but clear: Once data exists on a server, it exists forever—even if only for "10 seconds." Stay updated on data breaches by subscribing to our cybersecurity newsletter.
Unlike text messages, the content of Snapchat is uniquely intimate—users send "risky" photos believing they are safe. When 13 gigabytes of these private images were leaked to 4chan and Reddit, the psychological damage was immediate. Victims reported doxxing, extortion, and permanent reputational harm. Snapchat’s response was tepid: they blamed users for using unauthorized third-party clients. Seven years later, history repeated itself on a larger scale. A threat actor known as "Brian" compiled an archive called "SnapDB" containing nearly 4.6 million Snapchat usernames and phone numbers. The data was scraped from Snapchat’s "Find Friends" feature—an API vulnerability that researchers had warned about as early as 2013.
