Chris Ziegler reports:
The individual or team claiming responsibility for SnapchatDB has responded to The Verge‘s requests for comment the morning after the database went online, containing a leaked collection of some 4.6 million apparent Snapchat usernames and partial phone numbers. “Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed,” they say. “Security matters as much as user experience does.”
Read more on The Verge.
Violet Blue writes that this incident shows that responsible disclosure has failed, while Marcia Hofmann and I both noted that perhaps the FTC and/or California Attorney General should investigate SnapChat’s response to the responsible disclosure:
GMTA RT @marciahofmann: I hope @FTC & @calagharris look into Snapchat’s failure to respond to responsible disclosure. http://t.co/E2ranKb4Kf
— Dissent Doe (@PogoWasRight) January 2, 2014