Saugat Pokharel, a security researcher has just found a bug on Instagram that can easily give out and reveal the users personal information to an attacker. The bug was repaired once it was reported to Facebook, but it was utilizable by those business related accounts that were provided with special access. This was due to a feature being tested by Facebook.
A business suite tool was being tested by the social media platform which could connect the business accounts to Instagram in a way that it would give them easy access to a user’s personal info. They simply needed to send a direct message in order to get access to the information. Along with any direct message, this would provide the business accounts the user’s personal information.
It would increase the risk of private personal accounts getting hacked easily. Usually the accounts that do not readily accept direct messages. After their personal information would be given to business accounts, they would not even receive any notification about it.
After the discovery of this bug, facebook claimed that this bug was only made available for a short time period and no exploitation of user’s information was done during that time.
Saugat also stated that Facebook had fixed the bug a few hours after it was reported to them.
