For the second time within seven days a Facebook-owned app has been reported to have had a security and data privacy incident. On May 13th, 2019, it was reported that a WhatsApp hack allowed surveillance software to be installed on users’ smartphones. On Monday, May 20th, a security researcher uncovered a massive, unsecured database containing nearly 50 million records belonging to Instagram users, including known social media influencers, celebrities, and those also assigned to major enterprises and company household names.
The news was broken by TechCrunch, who traced ownership of the database to India-based Chtrbox, a digital marketing firm. The exposed data included Instagram users’ contact information, bios, number of followers, verification status, and location. This detail is used by advertisers to determine the value of a social media influencer’s account for sponsored content.
More troubling, though, is that private contact information like users’ email address and phone number were also left exposed. These two pieces of information can be used to execute bulk phishing or phone scams, or even reset account login credentials on social media or eCommerce sites, causing further risk of identity fraud and reputational damage.
Resources for Social Media Breach Victims
Social media platforms have exposed hundreds of millions of users across numerous incidents so far in 2019, leaving account holders vulnerable to identity theft and fraud. Outside of social media, the continued number of regular data breaches leaves us all exposed. Here are some resources below to keep yourself, your family, and all those you care about protected – as we all have sensitive personal information that fraudsters are willing to buy and trade on the Dark Web:
- Bringing Social Media Identity Monitoring into the IdentityForce Family
- Password Strength Test
- Data Breach News Summary (Table)
- 9 Tips for 2019 Data Breach Victims (Infographic)
- 7 Tips for Protecting Your Identity (Printable PDF)