Snapchat is valued at $10 billion, with its 24-year-old CEO Evan Spiegel paying himself a $10 million salary. Yet in the wake of a third-party breach which allowed hackers to post hundreds of thousands of private Snapchat photos on the Internet, the company now claims it has neither the time or money to keep its customers secure.
“It takes time and a lot of resources to build an open and trustworthy third-party application ecosystem,” the company wrote in a Snapchat blog post. “That’s why we haven’t provided a public API to developers and why we prohibit access to the private API we use to provide our service.”
Hackers dumped hundreds of thousands of user photos—about 13GB—onto Internet forum 4chan on Sunday, a breach Internet joke smiths call “The Snappening.” Snapchat traced the hack to a third-party app named SnapSaved, and promptly blamed the victims:
“Snapchatters were allegedly victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security.”
Snapchat blames users, but it’s hard to believe users realized that Snapchat’s third party apps were insecure in a time when third party apps for most social networks are not. Places like Twitter and Facebook, for example, provide a public API for developers interested in creating third party apps. When an API isn’t available, developers are forced to use a less secure workaround of accessing user credentials, and that’s what happened with SnapSaved.
What’s especially interesting is Snapchat’s insistence that the company doesn’t have the time or resources to build a secure API, given the site’s current $10 billion valuation. Asked about his newfound wealth at a Vanity Fair event, CEO Evan Spiegel said:
“It’s all fake money still. We generally have the feeling there is a lot more work to do.”
It’s unclear what Spiegel meant, whether he was stating that going from rags to riches felt like monopoly money, or whether the money was somehow still inaccessible—another staggering leap of illogic given that he gave himself a $10 million salary last year.
Don’t listen to Snapchat’s victim blaming. The company indeed has the resources to ensure a hack like this doesn’t happen again, and it ought to begin taking responsibility.
Lead photo by Snugg LePup.