Recently, 98,000 images and videos taken by users of the popular social media service Snapchat were leaked and published online by a hacker who had gained access to the data stored on third-party website, SnapSaved.com. The unofficial, and now defunct, SnapSaved.com, is a Danish site which allowed users to log in to their Snapchat account and store their Snapchat content online, synonymously granting the website itself access to their credentials. Details of just how exactly hackers gained access to this data from SnapSaved.com are still unsure, however it is clear that the leak of 13GB of data, far greater than the 500MB announced by SnapSaved.com has breached the privacy of Snapchat’s users.
Previously, Snapchatters understood it to be safe to share images, explicit or not, via the application, reassured by the app’s ‘instant deletion’ feature. Despite Snapchats’ usual exchange of ephemeral images, SnapSaved.com was able to exploit the flaws in its security model, notably its lack of an official Application Programming Interface (API), which allowed the site to save and store user’s images and videos. Although Snapsave.com is totally independent from the original app itself, the ensuing hacking scandal, dubbed ‘the Snappening’, is worsened by Snapchat’s teen-skewed demographic, raising the issue of indecent stolen images and even child pornography.
In the social media fuelled society we live in today, seemingly obsessed with non-consensual images, it is unacceptable for Snapchat to have allowed such glaringly obvious flaws in their API system to exist, crying out for manipulation by a third-party. Both Facebook and Twitter have developed official API’s, granting them the ability to track third-party apps and police their own platform with complete control. Although Snapchat is a much younger social media phenomenon than both of the above, it must take radical steps to ensure that the safety and security of its users’ information becomes a priority.