SnapLion provides “the keys to the kingdom,” one of the former employees who described the abuse of accessing user data said.
Internal emails have revealed that Snapchat employees use SnapLion to find the email address linked to an account without any law enforcement order being in play. On the plus side, emails also show the tool being used for investigations against child abuse.
One of the former employees said that data access abuse occurred “a few times” at Snap. That source and another former employee specified the abuse was carried out by multiple individuals. A Snapchat email obtained by Motherboard also shows employees broadly discussing the issue of insider threats and access to data, and how they need to be combatted.
In response to the report, a Snap spokesperson said that protecting the privacy of its users is paramount for the company.
Ideally, Snapchat should limit the access of SnapLion to certain employees, but the tool has available across the company to all employees. The tool was also used for resetting passwords of hacked accounts and other administrative purposes.
Snapchat implemented end-to-end encryption at the beginning of this year.
The report highlights how user data is not safe in the hands of the company which created the product itself. If you are a heavy Snap user, make sure to read the full report. With end-to-end encryption in place, Snap users should feel a bit more secure about their data.
Also read : Developer ports Cydia Installer to macOS using Apple’s project Marzipan