The ephemeral photo-sharing app has been the target of a database hack that reveals usernames and phone numbers.
The exploit was first revealed through the SnapchatDB website which listed the usernames and phone numbers of 4.6 million accounts, primarily from Snapchat users based in the United States. SnapchatDB has since gone offline.
According to SnapchatDB, the last two digits of phone numbers have been removed to help prevent abuse. Usernames, however, were revealed without any modification.
The exploit comes just days after the photo-sharing app revealed that it was aware of a vulnerability that could reveal usernames and phone numbers. "Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the US, they could create a database of the results and match usernames to phone numbers that way," said the blog post.
Adding a phone number to your user profile is optional within Snapchat. Since the exploit was revealed, a number of websites have emerged that let you check if your Snapchat account was one of the 4.6 million affected. GS Lookup is one such site that asks for your username and matches it to the leaked data from SnapchatDB to find a possible match.