Meet Graham Smith, the 16-Year-Old Dallas Boy Who Hacked Snapchat to Reveal Security Flaws

Categories: Technology

Graham Smith
Because you can never have too many reasons to feel inadequate about your teenage years, we'd like to introduce you to 16-year-old Graham Smith. By day, he's your typical Episcopal School of Dallas sophomore. By night, he's a white-hat hacker who's recently gained notoriety by exposing security flaws in Snapchat.

Calling Smith Snapchat's "nemesis," as The Daily Beast did on Wednesday, is probably something of an overstatement. That title should probably be reserved for whoever orchestrated the massive data breach of the picture-messaging app.

Smith's more like a lonely heckler, shouting unsolicited -- but useful -- advice from the sidelines.

Apparently worried that the privacy protections implemented in the wake of the data breach were inadequate, he cold-called and texted Snapchat co-founder chief technology officer Bobby Murphy, whose number he pieced together using the hacked data, to let him know the app still had major security flaws.

Although the company had promised to tighten security measures to prevent the leak of large quantities of personal data, by setting up dummy accounts and repeatedly using the "Find Friends" feature, Smith was able to pull down 36,000 phone numbers per day.

"When I figured it out, I was surprised at how simple it was," Smith told ESD's communications department. "Your average person could probably figure it out."

He posted his findings on his blog, which appears to be down for the moment.

He related all this to Murphy, who promised to look into it. Snapchat told the Washington Post last week that it's investigating and making improvements.

Smith, though, isn't satisfied, saying the company hasn't gone far enough. He plans to continue poking at Snapchat, searching for vulnerabilities.

"I don't want to be the bad guy," Smith tells The Daily Beast. "I just want to make sure users are getting the end of the bargain, that their user information is safe."

Send your story tips to the author, Eric Nicholson.

My Voice Nation Help
bvckvs topcommenter

Actually, it's not very hard to find a popular website with really big security flaws.  It's like finding a brick-and-mortar store that has weak locks, open windows or unsecured roof access.

So the fact that he found one isn't really a big deal.  The big deal here is that he spent his time on that, instead of on something productive and worthwhile.


TWO THUMBS UP!  Way to go, kid!


He's actually a pimple faced turd with no girlfriend, and humps his pillow with a blonde wig on it each and every night, while whispering sweet nothings in it's cotton ears.


simplest solution of all on this one........ DONT USE SNAPCHAT.


He's social calendar must be packed.


More like he's the kid in the bleachers yelling that the Emperor has no clothes. And the corporate response, as in government, is denial.

He is a hero.


If It's so easy, why don't you do it! Oh wait, it's not worth your time. But commenting on every article on the Observer online is.

This sort of stuff could lead the kid to an internship at Snapchat, another social media company, or an IT security firm. It will give him something compelling to write about in his college essays.


So for the boy of age 16 you would rather him spend his time doing what? Since you're not writing the check it really does not matter what he does with his time

ruddski topcommenter

You'll probably see sour grapes from a few middle-aged failed tech guys who are jealous of this kid's smarts and bright future, sad and funny at the same time. Mostly funny.


When you can learn to spell, then you can talk shit. Bitch !!!!!

Now Trending

From the Vault