Occasionally computer security professionals and other helpful people reach out to us about potential bugs and vulnerabilities in Snapchat. We are grateful for the assistance of professionals who practice responsible disclosure and we’ve generally worked well with those who have contacted us.

Since I have some experience in disclosing vulnerabilities in Social Media I would agree with SnapChat’s position in this specific instance since throttling of an API results in the exfiltration taking more time and is against the business driver for fast web services.

Wayback Machine has mirrored the SQL and CSV dump at

Furthermore, the obfuscation of each phone number is poor, i.e. there are ~45 different combinations of [1-9][1-9] in the SnapchatDB release.