Hackers use Instagram's bug to hack into high-profile accounts

An Instagram bug has stirred up trouble. The bug has allowed hackers to access data like contact phone numbers and email addresses of high-profile users, the company said in a statement. The numbers of high-profile users that have been hacked into are unspecified yet. However, no personal information like passwords are leaked, the company said.

The bug was discovered recently in Instagram’s application programming interface, or API, which the service uses to communicate with other apps. But Instagram refused to comment on the whos-who among the high-profile list.

“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” the company said in a statement. “No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation.”

Presumably, the bug didn’t specifically apply to high-profile users, but they’re really the only ones worth targeting. No hacker would want the information like email address and phone number of a random teen anywhere in the world. So depending on how the API abuse was and how quickly Instagram shut it down, it looks like the attack was on a few dozen and not a few hundred.

Once the bug was fixed, Instagram issued and notified all verified users of the issue in an email. It said that the bug is fixed and the security team is investigating further. The company also recommended that high-profile users set up to factor authentication. Who knows, hacking seems to be a common thing these days and it’s never too late to stay protected.