Instagram has sent a notification to some of its users that their password might have been exposed caused by a security bug, according to the Information acquired from Engadget. A representative of the company states that the issue was “exposed internally and had an effect on a minimal number of people.”
In this instance, the bug was linked to a feature that the company rolled out in
April intending to allow users download all of their data; this feature was initially implemented after European lawmakers released its General Data Protection Regulation (GDPR).
Instagram says that the users, by whom that feature was used, had their passwords integrated into a URL in their internet browsers, and that the passwords were hoarded on Facebook’s servers, Instagram’s blood relation company. A security investigator told The Information that this would only be possible if Instagram keeps its passwords in plain text, which is supposed to be a more significant and concerning security issue for the company. Therefore, An Instagram spokesperson disputed this, saying that the company tends to hash and salt its stored passwords.
Instagram states that it has since resolved the bug and improved the feature so that no passwords would ever be able to get leaked. Also, users were told that they should change their passwords, as a preventative measure. In a statement to The Verge, spokesperson of Instagram has said that “when someone submits their login information for using the Instagram ‘Download Your Data’ tool, they were able to notice their password information in page URL quickly. However, this information was not uncovered among anyone else, and we have made some amendments, so this would never happen.”
Apart from this, the company recently included a feature that enabled users to track the duration of time they’re spending on the platform. Also, the feature helps users setting a daily reminder of their time limit that they spend for themselves on the platform to be aware of doing using social networking in a good manner.
James Thomas is a Microsoft Office expert and has been working in the technical industry since 2002. As a technical expert, James has written technical blogs, manuals, white papers, and reviews for many websites such as office.com/setup.