Snapchat account hacked, now even access to someone else's account? An Odyssey - Part 1
I use Snapchat myself. For this reason I have an account myself, but it has not been in my hands for a few weeks. Strange things happened to me on the way to get my account back. A field report on how carelessly Snapchat actually handles its user data.
Briefly my starting position explained. I haven't had access to my Snapchat account since mid-January this year. I lost it through a hack. For three months now it's my turn to get this account again. During this time, some strange things happened to me with Snapchat support. In this article I would like to show how carefree you can easily deal with accounts and the associated very sensitive data (in the form of photos). And how difficult such services only get after you've been hacked. Believe me: it's terrifying. Up to today, I already have full access to a third-party account for 4 days - and I received this access officially from Snapchat support.
Jump to section
- 1 First of all: help page absolutely not helpful
- 2 E-mail is here: joy - at least for now
- 3 An email to reset the Snapchat password arrives - with the wrong salutation
- 4 First login - in a foreign account!
- 5 Return an account - but how?
- 6 Even if mistakes happen - that shouldn't happen
First of all: help page absolutely not helpful
It is positive that Snapchat offers corresponding help pages. In my case I called them Snapchat help page on, clicked on "My Account and Security" and then on "Account Security". Furthermore there is now one point with "My account was hacked". There you can find some information about it to see if you have actually been hacked. In my case: yes, I have - my email address, phone number and password have been changed. So I don't have a chance to reset my account myself.
Alright – I choose below now that I continue Prohave problems and need more help. Then it starts all over again. Here again “A securityproReport problem" selected, then go to "My Snapchat Account" and then click "My account was hacked". I've gone really crazy. Again, you can find information here that is completely irrelevant to me in this case. "If you believe that your account has been hacked, please change your password as soon as possible and check the Snapchat settings to ensure that the email address and mobile phone number associated with your account are correct."it says here. I know that, but I no longer have access! So now somehow further.
After going back and forth on the help page, I finally found a form that you can use to contact Snapchat. You have to select the option “Do you need help with something else?” On the corresponding help page and select “Yes”. How are you supposed to come up with that? The wording alone is wrong - I don't need help with anything else, but with this very subject. But it doesn't matter, at least found it.
I knew in advance that it would now take forever. Nonetheless, I immediately entered my username, email, cell phone number, and incident details. Specifically, it took about three weeks from then until I even got an answer. Then I had to reply again that my email address is still active. Wait another week. Then I was asked for my current telephone number (I had already entered it in the form!) - wait again. All in all, I contacted support twice because at first I hadn't been answered at all for several weeks - and I had the feeling that the mail didn't arrive and that it was repeated probeers.
E-mail is here: joy - at least for now
The first email from Snapchat support arrived in the mailbox. I was really happy - but back then I couldn't have guessed what was still waiting for me. Unfortunately, this e-mail was not about my account being blocked or reset, but about the confirmation of my e-mail address. In order to protect the privacy of its users, one wants to make sure that this e-mail address is really an (m) one, it said in the e-mail. Nothing unusual, after all, many people do to see whether the address even exists. I replied that this email was mine and that you are welcome to reply here. Then wait again - again radio silence for two weeks.
An email to reset the Snapchat password arrives - with the wrong salutation
After another two weeks of waiting, the next email from Snapchat arrived. When I read “I've reverted the email on your account to the email address submitted” in the first paragraph, I was immediately happy - my account was saved. My account was finally back - I figured it would be very different. But let's read on in the email. Furthermore, I am told that my account is temporarily blocked for further logins and that I have to reset the password via a link that I will receive: “You should receive a separate email containing a link to reset your password. For your security, you will be unable to login to your account until your password has been changed. "
The email to reset the password didn't arrive for another ten minutes - but I was used to delays from Snapchat anyway. The email didn't address me with my Snapchat usernameprochen, but with the user name of a foreign account. I found the whole thing quite strange, but I reset the password with the link anyway – it could have been a mistake in the salutation. The password reset was successful, another subsequent email confirmed this to me. (Click on the image for full screen, sharp view)
First login - in a foreign account!
First log into the account with my username. Entered a new reset password - "Error: Wrong username or password". Password from "before" probet, the login didn't work either. I got suspicious and protried it with the username from the salutation in the email. Okay – copy username, paste it, type in your password. Didn't work again, only this time the registration location was unknown. I was emailed a code in Dutch, which I then had to copy into the app. Strange again, since I definitely set my Snapchat to German. But still, let's give the strange story a chance. So copy the code, click log in.
Indeed, I was in the account - just not mine. I swiped right to check the chats: I ended up in an account of a Dutch user. He was active and had exchanged chats and snaps with various people. The user has also saved private photos in the memories. I could see everything - incredible. It was definitely not my account, nor could the hacker have changed anything about it. The saved images go back to November 2016 - at that time I didn't even have a Snapchat account. So I had official access to a completely foreign account - with numerous private photos and chats.
Return an account - but how?
I didn't want that - and now I honestly wanted to "give back" the account. After all, this user was active and has now lost access to it - officially through Snapchat support. Important, once again noted: I did not resort to any illegal actions here, everything went officially with Snapchat support! He simply entered my email address into his account. It is inexplicable to me why exactly this account was "chosen" - the user has nothing to do with me and has certainly never entered my e-mail address there in the past.
Immediately after looking around the account for the first time, I logged out again there. I have no business in this account, that was very clear to me. Since I unfortunately cannot see which email address was previously entered in his account, I cannot contact him by email either. Snapchat support has only responded to me with standard replies so far. I will definitely stay tuned here because firstly I want to get my real account myself and secondly I would like to return this account.
Even if mistakes happen - that shouldn't happen
Cases like this show, however, that - presumably also in this case - computers evaluate these things or it is people who make unacceptable mistakes here. I am even assuming the latter here, since you almost always get standard answers from Snapchat support, but in between you have the feeling that you are writing to a real person. Data protection is probably not that big on Snapchat - even if it could be a really stupid mistake, it just can't be allowed to happen. Don't get me wrong, but at least this is about private photos.
After all, several questions arise here: Why was I able to reset the password immediately without any verification (telephone number, questions about the most frequently contacted contacts)? Why was this one user selected? What does my email address have to do with this account? How was this username - a completely foreign account - somehow linked to my e-mail address? We now need to get to the bottom of these questions. Not only that, I would also like to go back to my account. I'll keep you up to date - part 2 will follow.
Please note that for data protection reasons, I cannot disclose any screenshots of the other account to the other user. Corresponding screenshots have therefore also been censored.
Please tell me about your experiences! Have you ever been hacked or had contact with Snapchat support?