Facebook has had a rough couple of months when it comes to protecting user privacy. The company got even more bad news this week with the release of a report detailing a major security vulnerability in Instagram that could have allowed attackers to access users’ private data, contact information and more.
The vulnerability, first discovered by an Israeli hacker, would allow a bad actor to use an army of bots to build a searchable database of users, connecting their data with their phone numbers. The bug took advantage of the app’s contact importer in conjunction with an attack on its log-in form. However, after Facebook discovered the vulnerability, it downplayed the likelihood that the flaw would ever be exploited. It also dragged its feet to fix the problem.
“I found a high vulnerability on Instagram that can cause a serious data leak,” the Israeli hacker told Forbes. “The vulnerability is still active — and it looks like Facebook are not very serious about pathing it.”
However, after the security issue came to light publicly, Facebook acted quickly to correct it. While the company’s response is ultimately a good thing, it’s troubling that such a major vulnerability was able to exist for so long — especially since Facebook knew about the problem.
The Choice of Tech Experts Worldwide. Try 90 days free of Bitdefender 2020 and experience the highest level of digital safety.
Private Internet Access is an award-winning, cost-effective VPN solution. The use of an anonymous and trusted VPN is essential to your online privacy, security and identity protection.