Instagram influencers suffered a huge data leak. Over 50 million account details have been exposed
Instagram influencers suffered a huge data leak. Over 50 million account details have been exposed. It has been discovered by the cyber security researcher Anurag Sen, who claims that the numbers could go overboard and might include mostly those related to sports, media and prominent food blogging celebrities. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. Sen alerted TechCrunch in an effort to find the owner and get the database secured. They traced it back to Mumbai-based social media marketing firm Chtrbox, which pays influencers to post sponsored content on their accounts. Each record in database contained a record that calculated the worth of each account, based off the number of followers, engagement, reach, likes and shares they had. This was used to determine how much the company could pay an Instagram celebrity or influencer to post an ad.
The cyber security media: There are several high-profile influencers in the exposed Instagram database, including prominent food bloggers, celebrities and other social media influencers
TechCrunch found several high-profile influencers in the exposed Instagram database, including prominent food bloggers, celebrities and other social media influencers. The cyber security media contacted several people at random whose information was found in the database and provided them their phone numbers. Two of the people responded and confirmed their email address and phone number found in the database was used to set up their Instagram accounts. Neither had any involvement with Chtrbox, they said. Shortly after TechCruch reached out, Chtrbox pulled the database offline. Pranay Swarup, the company’s founder and chief executive, did not respond to a request for comment and several questions, including how the company obtained private Instagram account email addresses and phone numbers.
Facebook: We’re looking into the issue to understand if the data described was from Instagram or from other sources and we’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available
According to TechCrunch, the scraping effort comes two years after Instagram admitted a security bug in its developer API allowed hackers to obtain the email addresses and phone numbers of six million Instagram accounts. The hackers later sold the data for bitcoin. Months later, Instagram — now with more than a billion users — choked its API to limit the number of requests apps and developers can make on the platform. Facebook, which owns Instagram, said it was looking into the cyber security matter. “We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources,” said an updated statement. “We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available,” it added.