Instagram said no private emails or phone numbers of Instagram users were accessed
Private data of over 49 Mn Instagram influencers was allegedly left open
Chtrbox denied private data leak, but said a particular database was inadvertently exposed for approximately 72 hours
Inc42 Daily Brief
Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy
In the days following reports that private data of over 49 Mn Instagram influencers has been compromised, Instagram has said that its initial investigation has revealed that no private emails or phone numbers of Instagram users were accessed.
The revelation comes after security researcher Anurag Sen saying that a database, hosted by Amazon Web Services, which contained contact information of millions of Instagram influencers, celebrities and brand accounts was reportedly left in the open and without a password, allowing anyone to look inside.
The report reviewed that each record contained public data scraped from influencer Instagram accounts which included their bio, profile picture, the number of followers they have, if they’re verified and their location by city and country. However, it also contained their private contact information, such as the Instagram account owner’s email address and phone number.
The leak was traced back to a Mumbai-based social media marketing firm Chtrbox, which pays influencers to post sponsored content on their accounts. The company has now issued a statement saying that the reports of private data being leaked “inaccurate” but acknowledged that “a particular database for limited influencers was inadvertently exposed for approximately 72 hours”.
“This database did not include any sensitive personal data and only contained information available from the public domain, or self reported by influencers,” Chtrbox said.
Chtrbox further said that no personal data has been sourced through unethical means by the company. Talking to Inc42, independent security researcher Rajshekhar Rajaharia also said that this alleged data breach is rather a scrap.
“Our database is for internal research use only, we have never sold individual data or our database, and we have never purchased hacked-data resulting from social media platform breaches. Our use of our database is limited to help our team connect with the right influencers to support influencers to monetize their online presence, and help brands create great content,” Chtrbox added.
Instagram spokesperson also said that Chtrbox’s database had publicly available information from many sources, one of which was Instagram. In all, the alert this alleged data breach has brought to Instagram may help it in ensuring it doesn’t join the club of data sensitive sites and thus, lose user trust.
Note: We at Inc42 take our ethics very seriously. More information about it can be found here.