Security bug exposes password of Instagram users

A security bug inside Instagram's “Download Your Data” tool that could have been exploited to expose password of thousands of users around the world.

 The feature "Download Your Data" was introduced in April this year after the change in the European Union’s General Data Protection Regulation (GDPR).  It allows users to download a copy of their data.

According to the Independent, the users who used the feature were able to see their password in the URL of their web browsers. Upon further investigation, it was revealed that the passwords were stored on Facebook’s servers as well.


However,  the Facebook-owned company had sent a notification stating that all the data has been deleted and the feature has been updated as soon as they got to know about it.

Meanwhile, Instagram insists that only a “small number of people” have been affected by this security breach, and they have sent notifications to all its users who were affected by this, and those who have not been informed remain unaffected.

from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2qQfKJO