Analysts say the popular app would have been in bigger trouble if images had been compromised
Snapchat is the latest digital company to fall prey to hackers, but the fallout from a security breach at the photo-sharing service that compromised 4.6 million accounts will be fleeting, analysts and privacy experts tell TheWrap.
After all, similar problems have bedeviled companies such as Sony and Target, and neither were permanently hobbled by controversy. Given the interconnected nature of commerce and communication, any company that is engaged with the internet (meaning basically every company that doesn't want to become the 21st century equivalent of a blacksmith), at some point will face similar headaches, experts say.
“The way I look at it, there are two kinds of online services — the ones who have been hacked and lost private data and the ones who will be hacked and will lose private data in the future, ” Paul Saffo, a technology forecaster and managing director at Discern Analystics, told TheWrap.
The nature of the hack by a website called SnapchatDB appears to have been consigned to phone numbers, not credit card data and not the images that customers used the Snapchat app to share. Snapchat shot to popularity by providing users with the illusion that it protected privacy because the photos they shared with people are timed to delete — and for that reason the service closely associated with “sexting.”
Had Snapchat's breach involved the sharing of salacious images, it would have been “armageddon” for the company, Bob Sullivan, a privacy expert and the author of “Stop Getting Ripped Off,” said.
“Most people who use the service are going to think, what's the problem?” he said. “I'm not sure young people think of their numbers as private.”
That said, Sullivan was unimpressed with Snapchat's initial response to the crisis. Snapchat did not respond to a request for comment for this article, but in a blog post last Friday the company sounded defensive about being confronted over its security vulnerabilities.
“Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way,” the blog post read. “Over the past year we've implemented various safeguards to make it more difficult to do…Happy Snapping!”
On Tuesday, Snapchat followed that message up with a second note saying it would allow users to opt out of its Find Friends feature, which appeared to be the source of the compromised data. It said it was taking steps to prevent future violations.
However, Sullivan said the company should have expressed more contrition and sympathy in its initial message.
“They've tried to minimize the importance of what's happened here,” he said. “If there's one rat in a restaurant kitchen, you can't declare that kitchen unhealthy, but it sure sends some alarms up.”
As long as Snapchat moves quickly to plug any holes in its security, the damage should be relatively fleeting, analysts argue.
“It won't be that big a deal unless there are some other fundamental problems with their security,” Brian Blau, a research director in consumer technology at Gartner, said. “It sounds like this was an isolated incident.”
Without additional breaches, the company is unlikely to regret its decision to remain independent. Snapchat turned heads when the Wall Street Journal reported last November that it had turned down a $3 billion cash offer from Facebook for its service.
“They're one of the great up and coming companies,” Blau said. “They found a way to fill a need with consumers by creating a product that people wanted even though they weren't exactly able to express their desire.”
Privacy is a hot-button issue, but though Edward Snowden's revelations about National Security Agency snooping may give people pause before they compose their next email or tweet, they likely won't scurry for encrypted messaging services.
“Americans claim to care about privacy, but they never do anything about it when it's violated,” Saffo said.
Snapchat is betting people will remain indifferent about the risks.