Instagram has officially confirmed that a security bug has compromised several high-profile accounts on its service, allowing hackers to access and steal sensitive information including phone numbers.
According to a report by TIME, the vulnerability allowed hackers to access private information of popular user accounts, which includes email addresses linked with the service as well phone numbers used for two-factor authetication.
A bug in Instagram’s API allowed the hacker to get a set of codes that are said to contain email addresses and phone numbers for Instagram accounts. The hacker who found the glitch used it to access information for some of accounts, further adds the report.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” said the company in a statement.
The Facebook-owned service, however, claims that no further details were stolen and no passwords were compromised as well. Instead, the Facebook-owned service claims that it has already approached users who might have been affected by this glitch to take required security measures and fix the problem.
“As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails,” Instagram added.
Instagram accounts of popular celebrities including Justine Bieber and Selena Gomez have been comprised lately. Bieber had his nude photos posted, though were quickly removed as soon he regained access. While Gomez, who currently has the maximum number of followers on Instagram, had her personal details compromised.
Photos published on her hacked account were earlier posted on the web back in 2015. However, both censored and uncensored versions reached the web. Reports claim that the hacker posted the uncensored batch after he got access to Gomez’s account.