Hackers exploit Instagram bug to access phone numbers, email addresses of high profile acc...

Posted:
in General Discussion edited August 2017
Instagram on Wednesday said one or more hackers accessed email address and phone number information associated with certain high profile accounts using a previously unknown API "bug," but notes the flaw has since been patched.




In a statement sent out to various media publications, Instagram notes no password data was exposed as part of the hack. The exploit took advantage of a flaw in Instagram's API that is used to facilitate app-to-app communications, reports The Verge.

"We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users' contact information -- specifically email address and phone number -- by exploiting a bug in an Instagram API," the company said. "No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation."

The Facebook-owned photo sharing firm declined to say how many accounts were affected by the breach.

As a result of the hack, Instagram notified all verified users of the potential information leak, urging caution when receiving phone calls, text messages or emails from unknown sources. In combination with social engineering techniques like spearphishing, the data exposed could be used to gain access user account access.

While not confirmed by Instagram, The Verge posits the security breach could be related to Monday's hack of Selena Gomez's Instagram page. Gomez, who owns the most popular individual account on the service with 125 million followers, was targeted by a nefarious user who took over her page and posted nude photos of ex-boyfriend Justin Bieber. Instagram helped Gomez restore access to her account later that day.

Comments

  • Reply 1 of 4
    I'm lucky.  I don't have an Instagram account.
    watto_cobra
  • Reply 2 of 4
    robin huberrobin huber Posts: 3,200member
    macseeker said:
    I'm lucky.  I don't have an Instagram account.
    Ditto. Hoping I will have sidestepped the birth, maturity, and death of this ridiculous piece of self-indulgence. Just not a "follower" I guess. 
    watto_cobra
  • Reply 3 of 4
    gatorguygatorguy Posts: 19,296member
    macseeker said:
    I'm lucky.  I don't have an Instagram account.
    But doesn't mean you haven't been hacked anyway. I think it's a very good idea to occasionally check and see if you email address, along with password or other credentials etc has been harvested by some hacker group. Visit this website and enter your email:
    https://haveibeenpwned.com/
    anton zuykov
  • Reply 4 of 4
    SpamSandwichSpamSandwich Posts: 29,915member
    macseeker said:
    I'm lucky.  I don't have an Instagram account.
    When you're good... you don't need luck.
Sign In or Register to comment.