Snapchat has finally got around to patching a security flaw that was first made public late last month and issued an apology for the first time. The update centers on Find Friends, the feature that was instrumental in last week’s database leak.
In a blog post on the matter, Snapchat said the update improves Find Friends functionality and allows users to opt-out of linking their phone number with their username. The option, they said, will be available in Settings -> Mobile # for those interested in making the change.
What’s more, the update also forces new users to verify their phone number before using the Find Friends service. This extra step wasn’t detailed but I would assume the company would just send users a PIN code via text that must be entered into the app. It’s an added step that could go a long way in helping the company combat hacking attempts in the future.
Back in late December, Australian-based Gibson Security published two undocumented Snapchat security exploits to raise awareness. The group claims they first reported the issues to Snapchat in August but after four months and no fix, they went public with their findings.
Less than a week after they published the exploits, a database containing the usernames and phone numbers of 4.6 million Snapchat users hit the web.
Many have called for an apology from Snapchat on the matter with some going as far as to suggest CEO Evan Spiegel lose his job. While the brief apology today likely won’t satisfy everyone, it’s a smart move –if not a bit late.
