Home > 2014 > Identity Theft > The Hidden Danger After the Snapchat Hack

The Hidden Danger After the Snapchat Hack

Advertiser Disclosure Comments 0 Comments

Snapchat users face another potential threat to their privacy: online tools designed to help users determine if their name and phone number was among the 4.6 million compromised in a recent hack.

Two tools — GS Lookup and Snapcheck.org — allow users to enter their username or phone number and find out if they made the list of compromised accounts. The sites claim to offer a public service, but it’s important for users to take extra care. Individuals can protect themselves by asking these basic questions.

Who Is Behind the Site?

GS Lookup was reported to have been created by U.S. programmers Will Smidlein and Robbie Trencheny. That said, a footnote on the site references a redirection from other Twitter accounts, which does not inspire confidence. Snapcheck.org is attributed to Vik Paruchuri, whose Twitter account lists him as a Web development/software person. While their intentions may be civic-minded, that is not verifiable with the information at hand. It’s better to be safe than sorry, and it is a safe assumption that if Snapchat was breached and you have a Snapchat account, that information was compromised. How does anyone know that the data thieves published the entire list of names that were obtained? Would you really trust an unverified website to put your mind at ease when you know a breach has occurred and the company that was breached isn’t providing details?

What Are They Doing With the Information?

If, after story after story of data theft and loss, you believe these websites are offered only by legitimate sources and that they only use your information to help you and then discard your information afterward. Just remember: Once you give a company your information, they have it. They most likely aren’t deleting it. They often use and perhaps sell it. If that information is identical to account information you have for other companies, then both (or all) of those accounts are exposed if one is exposed.

Are These Newly-Launched Sites Secure?

Even if the websites for checking the Snapchat exposure are well-intentioned, if they weren’t coded securely, they may be vulnerable to other hackers who launch a “man-in-the-middle” attack, in which the hacker captures the information you enter into a browser before it reaches the intended website.

We need to start holding the companies we entrust with data accountable for the security of consumer information. The companies collecting, storing and using our information, even with permission, need to affirm that they follow best practices — such as using encryption, segmenting data, and having a third-party audit their security program so they actively look for and remediate vulnerabilities rather than wait for the “bad guys” to exploit their weaknesses.

More on Identity Theft:

Image: iStock

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.