You can’t keep anything a secret these days. No one is immune to this fact, especially social media giant Instagram. The Facebook-owned social media platform is in hot water after the accidental leak of the private information of over 49 million users. This includes nonpublic information of it’s “influencers,” or people who use higher status to sponsor items and sell products.
Security researcher Anurag Sen discovered the breach through an unsecured search through an Amazon Web Services-hosted site. Sen alerted TechCrunch quickly in hopes that the information could be secured, but the damage was already done. While the number of affected users started at 49 million, that number was growing every minute the site remained unsecured.
The database of influencer information was tracked all the way back to Mumbai-based marketing firm Chtrbox. Chtrbox pays influencers to post sponsored content on their Instagram accounts. Their algorithm determines how much to pay these influencers based on the number of followers, engagement, reach, likes and shares they have.
While the database included plenty of public info, it is the private information leak that is the problem. This information includes the location and private contact information (e-mail addresses, phone numbers, etc.) of celebrities, IG models, food bloggers, and countless others.
For the moment, it appears that only these “high-engagement” accounts have been affected. Facebook is looking into the matter, but had vague details for the concerned public. “We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources. We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available.”
In the meantime, update your passwords and privacy information. Hopefully this leak didn’t affect you!