Instagram Accidentally Exposed Some User Passwords

No matter how careful you are with your IT security and data protection, security breaches are here to stay, with hackers staying one step ahead and gaining access to your crucial data. Every company from the likes of Yahoo, Facebook, have suffered security breaches, and now the latest to join the bandwagon is the photo-sharing platform Instagram.

Facebook was already in the news earlier and now this security bug which exposed passwords of Instagram users. Those users who accessed Instagram’s ‘Download Your Data’ feature are affected by this security bug Instagram confirmed to The Information that the security bug was “discovered internally and affected a very small number of people”. However, for users who accessed Instagram’s ‘Download Your Data’ feature on public computers with shared network could have exposed it majorly giving hackers a window to their profile.

If you haven’t received any notification of this security bug, then your password wasn’t exposed. However, it is advised that all Instagram users change their passwords and also opt for two-factor authentication for stronger security.

Instagram’s security bug was interestingly stored in a privacy feature it rolled out earlier this April in compliance with the EU’s GDPR law. Instagram lets users download a copy of the data saved on their servers. Users will be able to download information like photos, videos, comments, and more.

As said above Instagram’s breach comes at a time when Facebook is already facing charges of security vulnerability. Just a few months back Facebook’s ‘View As’ feature was compromised exposing data of around 50 million users. The social media giant was hit with the biggest data breach involving data firm Cambridge Analytica.

With close to 700 million users this is not the first time that Instagram has suffered a security leak. In September this year, the company discovered a bug that could be used to gain access to users’ email addresses and phone numbers.

According to a blog post by Mike Krieger, co-founder and CTO, Instagram, even phone numbers and email addresses of those who’d made the information private could have been stolen.