Cache of 49 million Instagram records found online

A security researcher has discovered a huge cache of data for millions of Instagram accounts, which are publicly accessible to everyone. The account contained sensitive information that would be useful for cyberstalkers, among others.

A security researcher who calls himself anurag sen on Twitter discovered the database hosted on Amazon Web Services. It had more than 49 million records when it was discovered and still grew before it was deleted.

The Instagram data includes user bios, profile photo & # 39; s, sequence numbers, and location. This information is visible online. What is more astonishing is that, according to Techcrunch, it also contained the e-mail address and telephone number for setting up the accounts, which broke the story.

Reporters identified the owner of the database as Chtrbox, a social media company from Mumbai. It pays social media influencers to publish sponsored content through their accounts. The database has since disappeared from Amazon.

Chatrbox Response

Chatrbox ran into problems with press coverage of the leaked records, and sent Naked Security the following statement:

The reports about a leak of private data are not accurate. A certain database for limited influencers was inadvertently exposed for approximately 72 hours. This database did not contain sensitive personal data and only contained available information from the public domain or self-reported by influencers.

We also want to confirm that no personal data has been obtained through unethical means by Chtrbox. Our database is for internal research purposes only, we have never sold individual data or our database and we have never purchased hacked data that is the result of breaches of the social media platform. Our use of our database is limited to help our team connect with the right influencers to help influencers make money with their online presence and to help brands create great content.