The Snappening: How were Snapchat user's images hacked and should we all be worried?

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

A hack similar to last month's celebrity photo scandal has seen more than 90,000 explicit photos sent using Snapchat posted online. But how did the images get stolen, and should Snapchat users be worried?

While Hollywood stars like Jennifer Lawrence were victims of the original photo hack, along with many other prominent female stars, this latest attack involves a mix of regular users of the Snapchat app.

Originally thought to be a hoax, a database of images has since appeared online, with forum sites like 4Chan, previously at the centre of the celebrity nude photo leak, once again hosting links to the images.

Here are the key questions surrounding "The Snappening".

For those not familiar with the app, Snapchat is an instant messaging service that allows users to send picture messages to each other. The twist is the images "self-destruct" after a set time limit and disappear forever. Users can set this time between 1 and 10 seconds. This has, in some cases lent itself to explicit images being exchanged under the impression that they can not be saved. Snapchat has warned users in the past against using the service for "sexting".

Snapchat has been quick to respond, confirming that the app and service itself wasn't hacked. Instead the problem stems from unofficial third-party apps that give users the power to save images they are sent. Apps like Snapsave on the Android platform enable users to enter their Snapchat log-in details and then save images they are sent without the knowledge of the sender. The images are stored in a database, and it is this type of app that is believed to have been accessed in order to round-up content for the leak.

"We can confirm that Snapchat's servers were never breached and were not the source of these leaks," a spokesman for the app said.

"Snapchatters were allegedly victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our terms of use precisely because they compromise our users' security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed."

The most worrying aspect of the whole incident is that more than half of Snapchat's users are aged between 13 and 17, meaning some of the explicit images contained in the leaked database could be classified as child pornography.

Messages are far less secure if someone you're interacting with is using one of the third-party services that enable users to catalogue messages they're sent. One such site, SnapSaved.com, has since gone offline. The problem with this type of app is that it can be used to save images without the knowledge of the sender.

It is also not the first time Snapchat has suffered a security issue, following an incident earlier this year when the usernames and phone numbers of 4.6 million users were posted online by hackers.

Snapchat has had security issues in the past, and in truth the "self-destructing" nature of the app has always been simple to get around by taking a screenshot of an image before it disappears. Normally the app will push a notification to the sender to tell them a screenshot has been taken, but third-party apps also exist that can disable this feature.

Being vigilant and only exchanging information with people you trust remains the best policy.

PA