Last week, Instagram sent out alerts to its verified users, informing them that a bug in their software could have allowed people to access their email address and phone numbers.
While clarifying that no user passwords were compromised and letting users know that the bug had been fixed, the social media giant also reminded people to engage in two-factor authentication and ensure that their passwords were strong.
Though the company refused to say how many users may have been affected by the bug, an Instagram spokesperson said:
We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information – specifically email address and phone number— by exploiting a bug in an Instagram API.
As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails.
While the non-verified amongst us might breathe a sigh of relief at the bug’s irrelevance to us, we should dial back the schadenfreude slightly; a security flaw can occur at any time, and we might quickly find ourselves with our data exposed.