Nearly two days after the username and phone number pairings of 4.6 million Snapchat accounts leaked online as a free download, Snapchat took to its official blog to make a statement.
Snapchat said that no photos or videos had been compromised in the leak, and that it will release an update to the Snapchat app that will allow users to opt-out of the “Find Friends” feature, which provided the weakness that the hackers behind SnapchatDB were able to exploit. Snapchat did not, however, state whether the vulnerability had been removed, nor did Snapchat issue an apology or admit responsibility for compromising users' data.
Instead, Snapchat passed blame on to the security team that initially pointed out the vulnerability back in August.
Snapchat said that in addition to allowing users to opt-out of Find Friends, it would improve security practices and restrictions. Snapchat also established a new security email address, firstname.lastname@example.org, for hackers and security experts point out vulnerabilities.
Still, the response didn’t seem to do much to satisfy Snapchat users.
“If your security depends on your API being private, you have no security,” said one user, “simontesla,” in the comments section of the blog post.
Another user, “gregcohn,” wrote, “This is an apology? WTF.”
Snapchat CEO Evan Spiegel took to NBC’s Today show Friday morning to discuss the leak and said that Snapchat had “done enough” to protect its users.
“In a business like this, one that’s moving so quickly, if you spend your time looking backwards, you’ll kill yourself,” Spiegel said.
In November, Spiegel reportedly rejected a $3 billion offer from Facebook to acquire Snapchat, which would have been the social network’s biggest acquisition to date. Despite that Snapchat doesn’t make any money, it is believed that Spiegel rejected Facebook’s offer to hold out for an investment by a Chinese e-commerce company that would value the company even higher.