It has been reported that multiple employees within the company have abused their access to a tool that is used by Snapchat dubbed SnapLion. The tool’s main function is to access user’s data per request of law enforcement when they are conducting investigations. The access to the keys which allow viewing the information has expanded since the inception of the tool and teams within Snapchat such as spam and abuse teams, customer operations teams, and security teams are all able to access the information. Multiple employees have come forth with instances where they specifically saw the tools being abused by their coworkers, but they did not give details on the incidents. In some cases, these employees were able to view saved Snaps, videos, location information, phone numbers, and email addresses. Although in recent times, Snapchat has implemented logging tools to help identify what type of data employees are accessing while on their network, it is still easy for it to be covered up. A spokesperson for Snapchat stated, “we keep very little user data, and we have robust policies and controls to limit internal access to the data we do have. Unauthorized access of any kind is a clear violation of the company’s standards of business conduct and, if detected, results in immediate termination.” Snapchat is not the only social media giant to be under fire for similar issues as we have seen Facebook face backlash for poor data security.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is