Instagram, one of the most popular social media platforms with over 700 million users, suffered a serious Data Breach last week. The hacker or hackers specifically targeted Instagram's verified or 'high-profile' users and stole their profile data, including their phone numbers and Email Addresses. It seems that the hackers exploited a bug in the service. Instagram, with apologies, immediately notified all of its verified users of the breach and gave them advice on how to protect their profile data, promising that additional security measures will be undertaken to prevent any such further occurrence.
Data might have already been misused
Losing followers on Instagram because somebody took an uncompromising photo of you like it happened a few months ago to Kim Kardashian is one thing, but having somebody seriously misuse your account is completely another, as Selena Gomez can verify. It is not yet clear whether the big data breach has anything to do with with the Gomez incident, but they did happen only a few days apart. Instagram did not name the verified users whose data was accessed by hackers nor did it make any direct connections between this, and the Gomez incident.
According to experts, the breach occurred because the hacker(s) used a flaw that exists in Instagram's application programming interface (API).
This interface is used to communicate with other apps. According to the social media platform which is owned by Facebook, the thieves didn't obtain any passwords, and the bug has already been fixed.
In its note to users, along with its apologies, Instagram said that it is reaching out to all verified accounts "out of an abundance of caution" since its main concern is for the safety of its community.
The statement further insisted that the company is further investigating the incident, but that it has in the meantime resolved the breach.
Instagram gives data protection advice
Realistically, the incident is much more serious than it might seem, since no matter how swift the reaction of the social media service was, the data has been stolen.
Having phone numbers and email addresses in their hands and using social engineering techniques, there are numerous ways in which hackers can access the verified users' Instagram accounts.
In the attempt to strengthen the security of its users, Instagram advised the verified users to be cautious if they "receive suspicious or unrecognized phone calls, text messages, or emails." It also advised all of its users to enable two-factor authentication on their accounts and secure those with strong new passwords. As is usual when using all social media platforms, it is advised not to click on any suspicious links or attachments or provide personal information without previously verifying the source.
