Instagram Accidentally Exposed Some Users’ Passwords In Plaintext
- Swati Khandelwal
Instagram recently patched a security issue in its website that was responsible of accidentally exposing some its users passwords in plain text.
The bug originated in the feature called “Download Your Data” that allows users to download a copy of their data shared on the social media platform. Plaintext passwords of some users who had used this feature had their passwords were included in the URL as plaintext.
The company has assured users that the stored data has been deleted from the servers and the tool has now been updated to resolve the issue, which “affected a very small number of people.”
Instagram suggest that affected users to change their passwords and clear their browser history as soon as possible.
Reference: https://thehackernews.com/2018/11/instagram-password-hack.html
Isn’t it a coincidence that in the same month a widespread hacking campaign mysteriously locked out hundreds of users accounts with their email addresses, account names, profile pictures, and passwords changed. This European regulation change allowing people to “Download Your Data” is poking some holes in these megalithic companies. Facebook (i.e. Instagram) also had this issue where this regulation change allowed hackers to steal 30 million FB accounts. Colossal fail Facebook.