Even applications as huge as Instagram can be hacked.
This was proven when the company announced August 30 that a bug had penetrated its application programming interface or API, and gained access to contact phone numbers and e-mail addresses for high-profile users.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” the company said in a statement.
“No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation.”
But damage had already been done. At the time, Instagram admitted that a “low percentage of accounts” were affected, and too bad that they have to be famous users like Selena Gomez, who holds the most followers in the platform.
After the hack was discovered, the hackers put up a searchable database called Doxagram which allows users to search for victims’ contact information for $10 per search. In an exchange with Daily Beast, they revealed a list of 1,000 accounts which contact information are available on the database.
Photo via The Hacker News
Meanwhile, Instagram never specified as to how many accounts numbers and e-mail addresses were compromised. And it was good that by September 1, Doxagram was already offline.
But cybersecurity firm called RepKnight believes that the information acquired by the hackers are lying in the dark web.
It claims that celebrities like Emma Watson, Zac Efron, Leonardo DiCaprio, Harry Styles, Beyonce, Lady Gaga, Rihanna, Taylor Swift, Katy Perry, Adele, Snoop Dogg, Britney Spears, Floyd Mayweather, and David Beckham, among others, have their contact numbers and e-mail addresses floating out there due to this bug.
Why should this cause an alarm? Because the hack could mean having to change a phone number, e-mail address, or both. It could also have security implications on the accounts hacked.
And it already happened to Selena Gomez which account was briefly taken down after it was used to post nude photographs of Justin Bieber, her ex-boyfriend.
Now, Instagram reported through a blog post of its chief technical officer Mike Krieger that “this issue potentially impacted some non-verified accounts as well.”
Is your account one of them? We are unsure about that. Your contact number and e-mail address might be at risk.
Source: The Verge