Instagram, Facebook’s hotter, snootier subsidiary, may have a massive data breach on its hands.
This week, a security flaw within Instagram allowed hackers to assemble a database of what appeared to be verified users’ contact information—some of those affected purportedly being celebrities and politicians. According to the Verge, Instagram now says the known scope of the breach has expanded to include at least some unverified Instagrammers.
“… We recently discovered a bug on Instagram that could be used to access some people’s email address and phone number even if they were not public,” Instagram CTO Mike Krieger wrote in a blog post. “No passwords or other Instagram activity was revealed. We quickly fixed the bug, and have been working with law enforcement on the matter. Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts.”
“We are very sorry this happened,” Krieger added.
As the Daily Beast reported last week, the unknown hackers behind the breach claim to have compromised six million accounts and set up a website called “Doxagram,” which allegedly offered access to phone numbers, email addresses or both for 1,000 Instagram accounts at $10 a search.