by John Shinal, Special for USA TODAY
SAN FRANCISCO — This new year of 2014 may very well be the one in which the ability (or failure) of social networks to protect their users’ data becomes a competitive advantage (or disadvantage).
If so, Snapchat has started the year off in a bad way, by having its servers hacked and the user names and mobile numbers of 4.8 million members turned into a database that’s now floating around the Internet.
By itself, it’s not very big news that a small, relatively new service got hacked, of course.
Computer security breaches that steal consumer data are now common.
Just ask Target shoppers and Skype users — who also had private information stolen this holiday season.
In a world where cybersleuths wearing either white or black hats joust for control of the Internet, there’s going to be collateral damage to consumers.
The bigger problem for Snapchat is it failed to fix a security weakness that was pointed out publicly by an Australian security firm in August.
Gibson Security, based in Sydney, has on its site a news release dated Aug. 27, 2013, in which it points out the precise flaw that thieves used to penetrate Snapchat’s servers this week.
The four-month lag time suggests protecting user data was not at the top of the to-do list of Snapchat’s own engineering hacking sessions.
It probably should have been, given that the data breach news has become the first time a general (non-tech) audience is hearing about the start-up.
Closer followers of tech will remember Snapchat CEO Evan Spiegel in November was widely reported to have turned down a $3 billion all-cash takeover offer from Facebook.
Publicity people often say that there’s no such thing as bad publicity, but this example strongly suggests otherwise.
Given that Snapchat is most popular with the 18-and-younger crowd, its lack of diligence on fixing the flaw pointed out by Gibson Security has just created almost 5 million sets of unhappy parents.
A big part of Snapchat’s appeal is its technology that the company says allows pictures posted to it to disappear after 10 seconds.
That should serve as a wake-up call to all the parents who pushed their own kids off of Facebook by trying to “friend” them on the No. 1 social network.
That merely pushed kids looking for privacy onto smaller social networks such as Instagram and Snapchat.
Adolescents who use social networks to create their own online identity are engaging in a healthy activity — if it’s overseen properly and if the companies running those networks deliver on their privacy promises.
Parents should be aware of what networks their children are using and supervise their privacy and security settings.
Gibson Security has set up a Web page (http://lookup.gibsonsec.org/) where Snapchat users or their parents can see if their user name and mobile numbers were among those stolen.
The Snapchat data breach is a reminder to parents to be aware of what their kids are doing online.
It should also be yet another wake-up call to the social media industry, as its companies work on their 2014 engineering priorities, to put the protection of user information at least on par with, if not above, revenue-generating projects.
If a company loses the trust of its users, it’s going to lose the users themselves eventually to a rival that’s doing a better job protecting data.