When you’re a company with a net worth of $20 billion, people take notice. Snapchat is a social media app with over 150 million people using it every. Single. Day. Given its worth and popularity, it’s assumed that the company has taken every cybersecurity measure it can to protect its users and employees. As it would happen, even the most careful of companies can suffer a cybersecurity meltdown, and that’s no exception for Snapchat. This is why it’s so vital to invest in a good cyber insurance policy—you’re not just protecting your employees and your customers, you’re protecting your business.
The Snapchat Hack: What Happened?
Snapchat is a social media app that allows users to send impermanent images to each other. Users are given a choice of how many seconds the image is available for view before it disappears into the void forever. Unfortunately, nothing is really that transient, and Snapchat employees had to learn about it the hard way.
In February 2016, a Snapchat employee fell victim to a phishing scam. Typical company policy asks that employees do not open or click on “phishy” looking emails or links. The phishing email sent to a Snapchat employee that resulted in the company’s data breach was different.
The hacker who wrote and developed this email crafted it so perfectly that it looked like it had been personally written and sent by Snapchat’s Co-Founder and Chief Executive Evan Spiegel. The email seemingly typed by the boss requested the payroll data of Snapchat’s employees. The payroll department willingly complied with the request, as the email did not meet any phishing red flags. This is how the hacker was able to gain access to employee information and essentially break into the system. The hacker walked away with the payroll information of present and past Snapchat employees, but the company affirms that the internal data systems were not breached and user information was not accessed or stolen.
Bouncing Back from a Cyber Attack
In a blog post published on February 28, Snapchat wrote, “We’re a company that takes privacy and security seriously. So it’s with real remorse—and embarrassment—that one of our employees fell for a phishing scam and revealed some payroll information about our employees. The good news is that our servers were not breached, and our users’ data was totally unaffected by this. The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.”
Snapchat’s quick response to the cyberattack and transparency about the phishing scam with the public demonstrates that they are a company who does indeed pride themselves on protecting their customers AND staff. The blog post details how they learned of the breach and their response to it. The company assures their customers that the situation is being taken care of and that there is no need to worry. And it’s true, Snapchat righted the situation and has since continued to climb.
Swift action and transparency are two things that keep customers loyal to a business, even if and when the business has suffered a data breach. Learn more about cybersecurity and cyber insurance when you visit CoverHound today.