Home
Apps
Apps News
Instagram Bug Allowed Hackers to Obtain Phone Number, Email Address of Verified Users

Instagram Bug Allowed Hackers to Obtain Phone Number, Email Address of Verified Users

By Akhil Arora | Updated: 31 August 2017 12:58 IST

Photo Credit: Instagram

Highlights

The bug was part of Instagram's API
Gomez's account was broken into on Monday
Phone numbers and email addresses obtained

A bug in Instagram allowed hackers to obtain access to phone numbers and email addresses of high-profile user accounts, i.e. verified users, the company has revealed. The bug was part of Instagram's application programming interface (API), which is used to communicate with other apps.

It might also help explain the hack of singer-actress Selena Gomez's account from earlier this week, which was followed by nude pictures of her ex-boyfriend Justin Bieber from 2015. Gomez is the most-followed person on Instagram with over 125 million followers.

“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information – specifically email address and phone number — by exploiting a bug in an Instagram API,” Instagram said in a statement. "No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation.”

Instagram has also contacted all its verified users and notified them of the possible leak of personal information. The company wouldn't comment on which accounts had been compromised. Gomez's Instagram account was broken into briefly on Monday, before the pop star regained access a few hours later, with help from the company.

“Our main concern is for the safety and security of our community,” Instagram added. “At this point we believe this effort was targeted at high-profile users. We encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognised incoming calls, texts and emails.”

For what it's worth, Instagram does have support for two-factor authentication, though it remains unclear if the affected accounts had it enabled, or whether it was somehow bypassed by the hackers.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.