Instagram has alerted its most popular account holders after a software bug resulted in the unauthorized disclosure of users’ phone numbers and email addresses.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” its application programming interface, the Facebook-owned photo-sharing service said Wednesday.
“No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation,” Instagram said in an email sent to verified users.
While log-in credentials weren’t necessarily leaked, however, Instagram acknowledged the compromised information still risked being exploited.
“Our main concern is for the safety of our community and, out of an abundance of caution, we are reaching out to all verified accounts,” the company wrote. “At this point we believe this effort was targeted at high-profile users.”
“As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails.”
Instagram has about 700 million users worldwide, including roughly 375 million daily users.
Selena Gomez — the app’s most popular user with more than 125 million followers — was the target of a headline-grabbing hack earlier this week involving her former boyfriend, fellow pop star Justin Bieber. Her account briefly went offline Monday after being breached by a person who used the new access to share a naked image of her ex.
It was not immediately clear if the incidents were connected, and Instagram has declined to comment on the specific accounts affected by the bug.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.