Millions of Instagram Influencers data are found on a database with no password

According to a report from TechCrunch, Cyber Security researcher, Anurag Sen, has just found a database containing private information of about 50 millions and more Instagram influencers. The data hosted on an Amazon Web services server without any password protection.

The Cyber Security researcher has claimed that those Instagram influencers, including celebrities and official brand accounts, personal details were leaving without password and thus open for all to access to it creating the huge vulnerabilities of privacy issues or even data theft.

TechCrunch tracked the database to a Mumbai-based social media marketing company named Chtrbox. The influencers were paid to post their client sponsored content on their accounts. Further analysis revealed that the database contained the details including:

  • Names,
  • Pictures,
  • Phone numbers

It is surprising that the database contains that details also that are not made public by Instagram. The data also contains the worth of Instagram influencers in terms of number of followers, total shares, favourites and other matrices. Such a detail help the marketing company to decide how much to pay the Instagram Influencers.

How the Chtrbox manage to obtain the phone numbers

It was asked to two of the Instagram Influencers whether phone numbers or email addresses belong to them or not. They replied in negative, however said that these are the phone numbers and the emails they used while set up the Instagram account.  This arise a most obvious question, how does the Chtrbox manage to obtain the phone numbers and email addresses.

Here is what the Facebook, which owns Instagram, said, “We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources. We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available.”