03 September, 2017
Facebook Inc.'s Instagram said it found a bug that exposed people's email addresses and phone numbers, which it quickly fixed, according to Chief Technology Officer Mike Krieger. They said that by the time the bug was fixed, they'd stolen the information of at least 6 million users. However, the hack could lend itself to more unsafe deeds, as was the case with Gomez's hacked account posting private and explicit photos of Bieber. Reportedly, a searchable database exists on the dark web where people can look up Instagram usernames and buy the phone number and email address associated with the account for $10 each. "Not a awful start".
The website offers to allow a search of the website for US$10 per query, and its operator had purportedly provided Ars Technica with a sample of data from 10,000 users.
No passwords were exposed, and the photo-sharing app is working with law enforcement to prevent further fallout, Krieger said in a blog post.
In a photo, Linton tagged some of the designers she was wearing and in response, one user wrote: "Glad we could pay for your little getaway", including the hashtag "deplorable". The cybercriminals used a glitch in Instagram's system and started posting nude pictures of the singer and actor's ex-boyfriend Justin Bieber. The celebrities affected in the breach include Emma Watson, Emilia Clarke, Leonardo Di Caprio, Channing Tatum and Zac Efron. In the music world, it was reported that Harry Styles, Adele, Ellie Goulding, Victoria Beckham, Beyoncé, Lady Gaga and Rihanna, Taylor Swift could have been affected among other celebrities.
This person sent CNN Tech a list a list of 1,000 purported Instagram accounts and associated data, and CNN Tech was able to confirm that some of the emails included were used by existing Instagram accounts.
According to Instagram, an automated process by the bug could steal info from up to one million accounts per hour.
Linton responded by saying: "Do you think the USA govt paid for our honeymoon or personal travel?!" This is the biggest attacks ever made by hackers on the web after iCloud's attack.
With telephone numbers and email addresses out in the wild, he added, superstars and Z-list celebrities alike will need to be on their guard in the coming weeks as the attackers may use those contact details for other nefarious purposes.