Click to Skip Ad
Closing in...
  1. MacBook Pro 2021 Price
    16:34 Deals

    Amazon slashed $200 off Apple’s M1 MacBook Pro, or get a MacBook Air for $899

  2. Amazon Deals
    07:56 Deals

    10 deals you don’t want to miss on Sunday: $30 off Amazon Echo Buds, $230 convertibl…

  3. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free

  4. Amazon Deals
    07:55 Deals

    10 deals you don’t want to miss on Saturday: Alexa in your car for $19.99, $200 Chro…

  5. Mattress Topper Amazon
    14:52 Deals

    35,000 Amazon shoppers gave this mattress topper 5 stars – get one for $34 today

Do you have a private Instagram account? Your photos may have been exposed

Zach Epstein
February 11th, 2014 at 2:30 PM
Instagram Hack Private Photos

If the events of the past few years have taught us anything, it’s that nothing is safe if it involves the Internet. “Private” is just a word these days, as malicious hackers get more and more creative with their efforts to crack service providers’ security. In the latest example, Forbes staff writer and well-known cybersecurity reporter Andy Greenberg reveals a huge security hole in Instagram that had been present in the app for at least six months before the Facebook-owned team finally fixed the issue last week.

Last August, security researcher Christian Lopez discovered a huge flaw in Instagram’s mobile apps. Using a common hacking technique called cross-site request forgery, the bug allowed Lopez or any other hacker aware of the flaw to covertly switch a user’s profile settings from private to public. A malicious hacker could then quickly download all of the user’s photos and switch the profile back to private before anyone noticed.

Lopez contacted Facebook’s security team back in August to report the bug, and he was given a “four-figure” reward as part of Facebook’s “bug bounty” program. According to the researcher, however, Facebook stumbled numerous times while attempting to fix the hole and private users remained at risk for nearly six months until the bug was finally addressed properly.

While we won’t know for sure unless reports of private photos start popping up in public, Facebook says it isn’t aware of any accounts being compromised.

“We applaud the security researcher who brought this bug to our attention for responsibly reporting the bug to our parent company Facebook’s White Hat Program,” Facebook told Forbes in a statement. “We worked with the team to make sure we understood the full scope of the bug, which allowed us to fix it. Due to the responsible reporting of this issue to us, we do not have evidence of account compromise using this bug.”

Zach Epstein

Zach Epstein has worked in and around ICT for more than 15 years, first in marketing and business development with two private telcos, then as a writer and editor covering business news, consumer electronics and telecommunications. Zach’s work has been quoted by countless top news publications in the US and around the world. He was also recently named one of the world's top-10 “power mobile influencers” by Forbes, as well as one of Inc. Magazine's top-30 Internet of Things experts.

Popular News