On Friday February 26, 2016, the popular photo sharing app, Snapchat, fell victim to a sophisticated phishing attack. Employees were “targeted by an isolated email phishing scam”, where the scammer impersonated Snapchat’s Chief Executive Officer, Evan Spiegel, according to a blog posted by Snapchat representatives on Sunday. The malicious email requested payroll information about current and former employees. While Snapchat is not giving away details, this information could include addresses, banking details, emails, social security numbers or other personal credentials that can put employees at risk for identity theft.
Snapchat has assured the public, that their servers were not compromised, and that user’s data was not affected – however this is not the first time the company has been subject to cyber-attacks attempting to obtain sensitive data. In October of 2014 Snapchat had a breach that did affect users, third-party applications were compromised, allowing a leak of approximately 200,000 “deleted” photos. Since then the company has removed all third party access to its platform for security purposes.
Snapchat reported that they are owning up to their lack of security faults, and want to make this a learning opportunity ensuring it does not happen again. “We will redouble our already rigorous training programs around privacy and security in the coming weeks” [i].
Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.
You can find Secure Sense on Facebook, LinkedIn and Twitter. Follow us for current company and industry news.
[i] Snapchat blog post regarding this incident: http://blog.snapchat.com/