A major data breach which exposed the personal information of millions of Instagram influencers, celebrities and brand accounts has been reported by TechCrunch. The database has been traced to a Mumbai-based social media firm Chtrbox, adds the report, and nearly 49 million records were first found as part of this database.
According to the TechCrunch report, the database was hosted by Amazon Web Service and was without a password or any security. The database was first discovered by security researcher Anurag Sen, who gave details about the same to the publication.
What is worrying is that the database included personal information of these influencers, celebrities, including contact information, email address for the Instagram account and the phone number. This poses a security risk for these Instagram accounts, given for many of them, the platform might be a major source of their income.
"Each record in the database contained a record that calculated the worth of each account, based off the number of followers, engagement, reach, likes and shares they had," adds the report. Chtrbox reportedly partners with influencers, celebrities for paid posts, content on the Instagram platform.
According to the report two of those contacted confirmed that the information found in the database was true. Worryingly, they also said they had never worked with Chtrbox.
While the database has been removed, the company itself did not issue a response. Facebook, issued a statement regarding this, "We re looking into the issue to understand if the data described including email and phone numbers was from Instagram or from other sources." The company also said it was in talks with "Chtrbox to understand where this data came from and how it became publicly available."
Previously it was reported that Instagram passwords of some users were exposed due to a bug Download Your Data tool for the platform. The company had initially claimed only a small number of people were impacted.