Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Data belonging to Instagram influencers and celebrities exposed online

A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The news was first reported by the TechCrunch website, a database was left unprotected on an AWS bucket, anyone was able to access it without authentication. The unprotected database was discovered […]

instagram

A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers, celebrities and brand accounts has been found online.

The news was first reported by the TechCrunch website, a database was left unprotected on an AWS bucket, anyone was able to access it without authentication.

instagram

The unprotected database was discovered by the security researcher Anurag Sen that immediately reported its discovery to TechCrunch in an effort to find the owner.

“A massive database containing contact information of millions of Instagram  influencers, celebrities and brand accounts has been found online.” states TechCrunch.

“At the time of writing, the database had over 49 million records — but was growing by the hour.”

The database contained public data scraped from influencer Instagram accounts, including their bio, profile picture, the number of followers, have, if they’re verified, their location by city and country, private contact information, the email address and phone number of the Instagram account owner.

Each record in the database also contained a field that calculated the worth of each account.

The list of influencers in the archive includes prominent food bloggers, celebrities and other social media influencers.

According to TechCrunch, the database belongs to India-based social media marketing firm Chtrbox, which pays influencers to post sponsored content on their accounts.

Strangely two people contacted by TechCrucnh that confirmed the authenticity of the data in the archive denied any involvement with Chtrbox.

“We contacted several people at random whose information was found in the database and provided them their phone numbers. Two of the people responded and confirmed their email address and phone number found in the database was used to set up their Instagram accounts.” continues the website. “Neither had any involvement with Chtrbox, they said.”

TechCrunch contacted Chtrbox that secured the database, but it is not clear how the company obtained those data.

Facebook, that currently owns Instagram, announced it is investigating the incident.

“We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources,” reads a statement from Facebook. “We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available,”

In 2017, a vulnerability in the Instagram application that allowed hackers to access information for high-profile users including phone numbers and email addresses of 6 million celebrities.


If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Instagram, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]