Instagram vulnerability exposes user account numbers and phone numbers

Facebook-owned Instagram is back in the news for all wrong reasons. This time, a security vulnerability exposed by a security researcher shows that sensitive user data of the photo and the video-sharing website is open to be exploited by hackers.

Israeli Hacker with twitter name ZHacker13 is the person who discovered the details of the vulnerability. He disclosed that real names, Instagram acct numbers, and handles along with full phone numbers were available for access to hackers due to a server vulnerability.

On knowing the details of the data susceptibility, Forbes tried to contact Facebook authorities who pleaded more time to fix the issue.

Remember the disclosure of the vulnerability comes just after a week when Facebook hit the news headlines for exposing phone and account numbers of its 419 million users. Later the world’s leading social media giant read out a statement saying that the leaked data was filled with duplicates and probably belonged to a third party which does data harvesting for marketing purposes.

Cybersecurity Insiders has learned that bad actors exploit such vulnerabilities with Brute Force algorithms hitting Instagram’s login form and Sync Contacts feature. The whole process is automated and is conducted through bots which manage to find out over 15,000 accounts per day.

Wow! That’s enough to do a great amount of damage to a data-intensive company…..isn’t it?

Note- Launched in 2010 this photo and video sharing social networking website has over 1 billion users as of May 2019. Seeing it as a big hit among youngsters, Facebook acquired the company for USD 1 billion in cash in 2012.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display