Snapchat Data Breach Exposes Personal Info

REPLAY VIDEO
Your next video will start in
Pause

Recommended Videos

  • Info

  • Comments

  • VIDEO TEXT

Jan. 2 (Bloomberg) –- Shape Security Director of Product Security Michael Coates and Bloomberg’s Michael Riley discuss the flaws in Snapchat’s infrastructure that led to the security breach at Snapchat with Emily Chang on Bloomberg Television’s “Bloomberg West.” (Source: Bloomberg)

Joining me to talk about security.

You used to work at mozilla and render security operation, so these are things you are familiar with.

How big a flaw was there to make something like this happen?

At the root of what snap chat, the problem they have is a way of coding with their application that was exposed to the public which they didn't intend to have people accessing.

This was reported to them in august.

Developing software can develop in flaws.

When they tell you about those flaws, you need to act quickly to take action.

Why wouldn't they respond quickly?

In the start up, you see a battle between new features and acquiring features.

In companies writing themselves on protecting users privacy, they need to take those things very, very -- act very quickly.

It seems like more of these things are happening lately.

On a scale of one to 10, how bad is what happened with snap chat compared to some of the other things we have seen happen with users accounts and personal information?

It's bad on a couple of levels.

One is they are exposing phone numbers of users and hackers say they are going to put the full number up in some locations.

The data people are drawing has a number but it is secure.

Changing your phone number is a big deal.

I can change my password relatively easy.

If i have to change my phone number or worry my phone number or something that might have been enlisted is now public, that the ready big deal.

Especially the fact that you now have security companies saying we told them not once but twice that this was a problem.

We did so relatively discreetly in august and explicitly more recently and they did not react to it.

If i were a user, that looks pretty bad.

Snap chat says they have certain protections in place tom about it wasn't enough to prevent something like this.

How did this compare to something like facebook or twitter?

Would this happen with facebook or twitter?

What we saw is gibson security did an analysis of the security in place and said they are inadequate.

How so?

They are trying to rate limit the attackers so if they perform many operations in a short time.

Say you go with a thousand friends, that should be blocked as suspicious.

With this happen to facebook?

What attackers are now doing is instead of launching an attack from one computer 1000 times, they use a bot and launch it from 1000 computers one time.

They have the same effect for the attackers and it makes it very difficult.

We will see this growing not only in companies like snap chat , but more established companies like facebook.

Facebook already faces these kinds of threats.

Is this like eight mile of service attack western mark it is similar in the sense they are using a. net.

-- using a bot net and letting them do their malicious bidding for them.

It's hard to block all those attackers when you can't tell them from humans or bots.

You think we will see more of these kinds of attacks this year?

I think we will see a rise in it.

Social media that -- social media websites will be in an attack and commerce websites are going after user profiles and banks as well.

They will definitely face these kinds of attacks.

It's a growth in this kind of style.

Big news in the security world, fire i announced under the radar security firm of more than a billion dollar acquisition.

It was obviously a pretty plum acquisition that has a lot of attention because it specializes in cyber espionage from nationstates like china.

They got a lot of attention when they responded to attacks like on the new york times.

Their ipo did really well and it did enough to create this acquisition but a link between this company that has a product and a company that does a lot of very sophisticated response is pretty powerful.

The stock went way up.

It's a good acquisition for them.

Thank you so much for joining

This text has been automatically generated. It may not be 100% accurate.

Advertisement

BTV Channel Finder

Channel_finder_loader

ZIP is required for U.S. locations

Bloomberg Television in   change