Ephemeral messaging app Snap had employee data exposed by a breach at a third-party document analysis firm, according to a document reviewed by Reuters on Thursday.
Snap said it had been told by document analysis company Elevate that an unauthorized party had accessed some of Elevate’s computer systems in March 2022, according to a September 13 letter to a former employee. That employee was told that their name, address, employment history, and compensation information may have been among the affected files.
The letter said Snap was terminating its relationship with Elevate, which also provides services to law firms, according to its website.
A Snap spokesperson confirmed only that an unspecified outside vendor experienced a data breach that “exposed personal information of some of our current and former team members,” adding that no Snapchat users were affected.
Snap said it had notified the people affected and would not use the vendor for similar services in the future.
A spokesperson for Elevate declined to comment.
Reuters was not immediately able to determine who else received the letter or how many other employees or former employees may have been affected by the breach.
Last month, the company rolled out Snapchat for Web for all users globally, months after the feature was announced in July. It was initially rolled out to paid subscribers in the United States, United Kingdom, and Canada, and includes messaging features like Chat Reactions and Chat Reply, along with Lenses.
Previously, Snapchat introduced a Dual Camera feature to allow Snapchat users to capture two perspectives at the same time. Users who are running on recent versions of the app on iOS and Android phones can use both the front and back cameras at the same time to capture photos and videos. It features four layouts and Snapchat users can use creative tools such as music, stickers, and lenses to make content, according to the company.