Snapchat users may be in for a not-so-pleasant surprise this Christmas.
Hackers could gain access to the phone numbers and names of the app's users because of a loophole in its coding and API (application programming interface), a new report from online security firm Gibson Security has revealed.
'People could ... pay a few dollars and obtain the phone number and social media profiles of a person, just by their username.'
- Gibson Security
Snapchat was made aware of this security glitch in August, but ignored it. Gibson Security claim users of the photo messaging application would have their names, aliases and phone numbers discovered via the Snapchat and iOS API -- even if the user's account is private, reports ZDnet. Gibson Security told ZDNet that hackers could "automatically build profiles about users, which could be sold for a lot of money."
"People could operate a service similar to ssndob.cc where you could pay a few dollars and obtain the phone number and social media profiles of a person, just by their username," he added.
But his "biggest worry" is that his could also be used to targeted scamming and stalking "You could find someone's phone number in minutes provided you know the general area they live in," he said. The photo messaging app allows users to send photos and videos which can only be viewed for 10 seconds, and then vanish once they are opened.
Snapchat turned down a $3 billion buyout offer from Facebook in November, which Gibson Security says provides further proof of the value of selling a user profile database.
Get more tech news and reviews at news.com.au.