Hackers published 4.6 million Snapchat usernames and phone numbers late Tuesday night and made the data available for download.
The website SnapchatDB.info, which has since been taken down, claims it released the information to make the public aware that Snapchat is vulnerable.
The mobile app, which allows users to take photos that automatically self-destruct, is wildly popular among teens, leading the tech industry to believe that young Americans are pro-privacy.
But Gibson Security says their favorite app is aware that usernames could “theoretically” be exposed despite their “various safeguards.”
“Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed,” SnapchatDB told Tech Crunch in a statement. “It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does.”
The group says Snapchat could have easily avoided the breach, but didn’t act to stop it.
“Even long after that disclosure, Snapchat was reluctant to taking the necessary steps to secure user data,” the group said.
One reader told Tech Crunch, they even spotted Snapchat founder Evan Spiegel on the list.
The group says it “censored the last two digits of the phone numbers” because they “wanted to minimize spam and abuse that may arise from this release."
But they still threatened to release the unfiltered data, Tech Crunch reported.
SnapchatDB claims skimping on security in the tech industry is like skimping on cleanliness in the food industry.
“Our main goal is to raise public awareness on how reckless many Internet companies are with user information,” the group claimed. “You wouldn’t want to eat at a restaurant that spends millions on decoration, but barely anything on cleanliness.”