Data breach seems to have become a norm these days. Recently when ‘Microsoft’ accepted the breach of data of 250 Million users we thought that it would end there. However, Instagram has joined the party.
As per reports from TechCrunch data of thousands of Instagram users was exposed. A social media service ‘Social Captain’ is behind this data leak. Social Captain helps users grow their Instagram follower counts. It has been accused of leaking thousands of Instagram usernames and passwords for potential hackers.
The service provider stored passwords of linked Instagram accounts in unencrypted plaintext. A vulnerability in its website allowed anyone access to any Social Captain user’s profile without having to log in. Further, it also gave access to their Instagram login credentials.
Out of the leaked data, 70 accounts were premium accounts of Social Captain’s paid customers. Instagram which is owned by Facebook has faced such issues in the past. Last year personal data of millions of celebrities and influencers were allegedly exposed from Instagram.
Experts point to design flaws as the major cause of all software vulnerabilities. Such flaws are seldom detected without performing a design review. Further, they require expertise to detect them and are hence provide penetration opportunities.