Instagram admits that a bug caused high-profile accounts to be hacked.
It has been just three days since Instagram’s most-followed account, that of actor and singer Selena Gomez, was hacked, with nude photos of her ex-boyfriend Justin Bieber posted online.
With 125m followers, the entertainer would be the obvious target for a large-scale breach of this type. Variety reported that her account swiftly disappeared, but Gomez is now believed to have resecured her details.
In a statement, Instagram said that a bug was present in its application programming interface (API), which it uses to communicate with other applications.
It said: “We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information – specifically email address and phone number – by exploiting a bug in an Instagram API. No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation.”
The age of the celebrity data breach
All verified Instagram accounts have been notified of the breach by the company and the possible exposure of their details to cyber-criminals, encouraging all users to be vigilant if they receive unusual phone calls, emails or texts.
On a somewhat positive note, passwords for the affected accounts were not likely to have been compromised, according to The Guardian. The ingenuity of cyber-criminals, on the other hand, means that password recovery information could have been obtained through email or mobile numbers.
Celebrity data breaches are nothing new, with Taylor Swift and Ariana Grande among the past victims of such events, again on Instagram.
The targeting of high-profile celebrities by online crime organisations is a growing issue, with data breaches increasing in scale and seriousness as time goes on.
While this API bug has been fixed, it is most likely just one of a series of attacks or threats that will loom large in the future, requiring constant vigilance on the app security and development end.