An exploited bug in Instagram’s application programming interface allowed hackers to steal personal information from high-profile user accounts, the company said Wednesday.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” a spokesperson for Instagram said in a statement to TIME.
A glitch in Instagram’s API made it possible for a person to get a set of code that potentially contained email addresses and phone numbers for Instagram accounts. At least one individual who found the bug used it to access information for some accounts.
According to Instagram, no account passwords were exposed and the company has fixed the bug. The Facebook-owned company said it believes the hack was targeting high-profile users, and has informed verified members of the service.
“As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails,” the spokesperson said.
- How to Help Victims of the Texas School Shooting
- TIME's 100 Most Influential People of 2022
- What the Buffalo Tragedy Has to Do With the Effort to Overturn Roe
- Column: The U.S. Failed Miserably on COVID-19. Canada Shows It Didn't Have to Be That Way
- N.Y. Will Soon Require Businesses to Post Salaries in Job Listings. Here's What Happened When Colorado Did It
- The 46 Most Anticipated Movies of Summer 2022
- ‘We Are in a Moment of Reckoning.’ Amanda Nguyen on Taking the Fight for Sexual Violence Survivors to the U.N.