According to a "Snapchat Security Advisory" published by Australian researchers,
Snapchat names, aliases and phone numbers can be discovered and harvested via the Snapchat Android and iOS API - even if the Snapchat account is private.
Gibson Security discovered a range of disturbing security holes when it reverse-engineered the popular photo and video sharing app, including what it believes to be unsecure encryption practices (two encryption keys across all users) and code for in-app ads.
Gibson Security has informed ZDNet that "The API reversed isn't just used for Android, but iOS too. Both platforms are vulnerable." (more)