Last week, you learned all about the Snappening, a purported leak of hundreds of thousands of Snapchat users’ photos. Although many initially speculated that the hack resulted from a breach in a third-party Snapchat app like Snapsaved, which allows users to save images without the sender’s consent, it wasn’t confirmed until earlier today, when the website itself took responsibility for the hack in a statement on its Facebook page.
“I sincerely apologize on the behalf of snapsaved.com we never wished for this to happen,” the statement on Snapsaved’s Facebook page says. “We did not wish to cause SnapChat or their users any harm, we only wished to provide a unique service.”
The statement went on to say that Snapsaved.com, which has since been shut down, was hacked as the result of a misconfiguration in its Apache server. But contrary to allegations made in an anonymous Pastebin post from a user claiming to be responsible for the hack, which stated that the images came from “an administrator of the site,” Snapsaved denied that it was directly involved for the leak, claiming the website shut down its database immediately after the security breach was discovered.
Snapsaved also alleged that that the hacker does not have the necessary tools to create a searchable database of the hacked images, as anonymous 4chan users claimed when they announced the hack last week.
“The recent rumors about the snappening are a hoax. The hacker does not have sufficient information to live up to his claims of creating a searchable Database,” the statement says. (Considering how difficult it is to find verifiable leaked Snapchat videos and photos, as Caitlin Dewey of the Washington Post points out, and that the searchable database of hundreds of thousands of hacked Snapchat photos promised by anonymous 4chan users last week has yet to come to fruition, it’s starting to look like there’s some truth to this explanation.)
While the hacker was able to access the photos stored in the server as a result of the breach, Snapsaved said that they were not able to access user information such as names and phone numbers. “As soon as we discovered the breach in our systems, we immediately deleted the entire website and the database associated with it,” the statement says. “As far as we can tell, the breach has effected [sic] 500MB of images, and 0 personal information from the database.”
You can read the whole statement from Snapsaved on its Facebook page.
H/T TechCrunch | Illustration by Fernando Alfonso III