Instagram
August 31, 2017 by

Instagram Security Breach Leaks Data of ‘High-Profile’ Users

Instagram has begun alerting users of a security breach that exposed the contact information and data of “high-profile” users on the photo-sharing platform.

Facebook-owned Instagram has admitted to a data breach where the email addresses and phone numbers of “high-profile” accounts were exposed to an unidentified attacker. The company insists that no passwords were exposed. Shedding further details, the social photo-sharing network blames the hack on an attacker who exploited a bug in an Instagram application programming interface (API).

In a statement to Variety, an Instagram representative stated:

We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information – specifically email addresses and phone number – by exploiting a bug in an Instagram API.

It appears that the API glitch enabled the attacker to gather code containing email addresses and phone numbers of specific user accounts. As things stand, Instagram has not disclosed which accounts may be compromised but has insisted that it has already notified verified account holds of the issue.

Instagram revealed details of the breach within days after the hack of the account of celebrity Selena Gomez, the most followed Instagram account with some 125 million followers. Instagram has since helped Gomez re-secure and restore her account.

Instagram added:

Our main concern is for the safety and security of our community. As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails.

As reported earlier, Instagram enabled two-factor authentication (2FA) for all of its users after experimenting with the added layer of security for over a year. However, Instagram doesn’t support third-party authenticator apps like Authy or Google Authenticator. Instagram is among the most popular social photo sharing platforms in the world, with some 600 million accounts.

Image credit: Pexels.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Instagram (Finally) Rolls out Two-Factor Authentication to All Users

Instagram has announced that two-factor authentication will be enabled for all users after...

Read more arrow_forward

Google Removes Instagram Phishing Apps After 1.5 Million Installs

Security researchers from cybersecurity firm ESET discovered at least 13 new Instagram...

Read more arrow_forward

Hackers Target Mark Zuckerberg’s Social Media Accounts

The man behind the world’s most popular social networking website, Facebook’s Mark...

Read more arrow_forward