Snapchat has become the latest major company to have been hacked and its data about its users stolen by identity thieves. More than 4.6 million user names and telephone numbers were taken in the hack. Snapchat is an app that enables you to send photos and video messages that self destruct after they are viewed, which is one reason the app has been popular with “sexters,” people sending sexually suggestive photographs that the sender may not want to have turn up elsewhere on the Internet at a later time. A disturbing aspect to this latest hacking is that the security flaw exploited by the hackers was brought to the attention of Snapchat last summer, but the company did not take proper steps to remedy the problem. Although it may seem like merely having your username and phone number fall into the hands of hackers would not pose a problem, it can lead to identity theft because many people use the same name for many different accounts and the phone numbers can lead to targeted calls from identity thieves who already know your name and can make it appear that they are associated with a company with which you do business such as your bank and lure you into providing personal information that, in turn, can lead to identity theft.
Gibson Security, an Australian security firm first uncovered the security flaw in August and brought it to the attention of Snapchat which ignored the warning. Gibson Security has also set up a website to which you can go if you are a Snapchat user and want to find out if your username and phone number were among those stolen. The website is www.lookup.gibsonsec.org. Users of Snapchat can go to that website and find out if they were among the victims of the hacking. If you were and you wish to continue to use Snapchat, you should change your username. You also should take this as a lesson that you should not use the same username for all of your accounts. If indeed you do use the same username for all of your accounts, change them all to different ones for each account. As for your telephone number, you probably do not need to change your telephone number although it is now in the possession of identity thieves, but you should be on heightened alert if you receive a telephone call in which you are asked for personal information. Remember, Caller ID can be “spoofed” so the call can appear to come from a legitimate source when, in fact, it is coming from an identity thief. Don’t trust your Caller ID and never give personal information over the phone to anyone who calls you. If you think the call is from a legitimate company or entity that does have a need for your personal information, call them back at a number that you know is accurate.