Security flaw discovered in Instagram's 'Download Your Data' tool
Instagram has come forward to users informing them that as a result of a security flaw their passwords could have been exposed. An Instagram spokesperson has said to The Information that the issue was 'discovered internally and affected a very small number of people'.
The security flaw lies in the 'Download Your Data' tool, which was devised to comply with the EU GDPR regulations. For some users it could have included their password in the URL of the link they've been sent to, um, download their data. If they were on a shared computer, that link would have exposed their password to people using it after them.
It remains a mystery why Instagram would store passwords in plain text, which is considered bad practice - like, really bad practice. This one editor here has just requested his data and is waiting to see the URL.
-
Facebook has deleted over 1.5 billion fake accounts just this year
-
Facebook wants to put a mic and camera in your home with the Portal
-
Instagram adds new security features, including support for third-party two-factor authenticators
-
Instagram adds green dot on profile pictures to show you who's online
Reader comments
- Bangi
- T2v
apps with smaller teams tend to care more and take their sweet time, apps bought out by big companies tend to make their employes "time crunch" which in turn makes them care more about how long it took not how well it was done.
- Baykko
- LEi
Hackers and audiences in general will pay more attention to an App when it is taken by a big company. Like Instagram being taken by Facebook. Yes the more resources they have the easiest it should be to protect them but don't underestimate the time, ...
Tip us
883k
147k NEW!
687k
RSS
Log in I forgot my password Sign up