An application security expert says it scrutinises Snapchat's claim that its servers 'were never breached'
An application security expert says it scrutinises Snapchat's claim that its servers 'were never breached'

The Snappening: How were Snapchat user's images hacked and should we all be worried?

Tens of thousands of ordinary users' images and videos, some thought to be explicit, have been published online

Martyn Landi
Tuesday 14 October 2014 17:19

A hack similar to last month's celebrity photo scandal has seen more than 90,000 explicit photos sent using Snapchat posted online. But how did the images get stolen, and should Snapchat users be worried?

While Hollywood stars like Jennifer Lawrence were victims of the original photo hack, along with many other prominent female stars, this latest attack involves a mix of regular users of the Snapchat app.

Originally thought to be a hoax, a database of images has since appeared online, with forum sites like 4Chan, previously at the centre of the celebrity nude photo leak, once again hosting links to the images.

Here are the key questions surrounding "The Snappening".

  • What is Snapchat?

For those not familiar with the app, Snapchat is an instant messaging service that allows users to send picture messages to each other. The twist is the images "self-destruct" after a set time limit and disappear forever. Users can set this time between 1 and 10 seconds. This has, in some cases lent itself to explicit images being exchanged under the impression that they can not be saved. Snapchat has warned users in the past against using the service for "sexting".

  • How then, did so many end up online?

Snapchat has been quick to respond, confirming that the app and service itself wasn't hacked. Instead the problem stems from unofficial third-party apps that give users the power to save images they are sent. Apps like Snapsave on the Android platform enable users to enter their Snapchat log-in details and then save images they are sent without the knowledge of the sender. The images are stored in a database, and it is this type of app that is believed to have been accessed in order to round-up content for the leak.

"We can confirm that Snapchat's servers were never breached and were not the source of these leaks," a spokesman for the app said.

"Snapchatters were allegedly victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our terms of use precisely because they compromise our users' security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed."

The most worrying aspect of the whole incident is that more than half of Snapchat's users are aged between 13 and 17, meaning some of the explicit images contained in the leaked database could be classified as child pornography.

  • So, not self-destructive after all?

Messages are far less secure if someone you're interacting with is using one of the third-party services that enable users to catalogue messages they're sent. One such site,, has since gone offline. The problem with this type of app is that it can be used to save images without the knowledge of the sender.

It is also not the first time Snapchat has suffered a security issue, following an incident earlier this year when the usernames and phone numbers of 4.6 million users were posted online by hackers.

  • Is Snapchat safe?

Snapchat has had security issues in the past, and in truth the "self-destructing" nature of the app has always been simple to get around by taking a screenshot of an image before it disappears. Normally the app will push a notification to the sender to tell them a screenshot has been taken, but third-party apps also exist that can disable this feature.

Being vigilant and only exchanging information with people you trust remains the best policy.


Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments