Facebook fixes bug that exposed personal information in Instagram
Facebook has fixed a bug that exposed Instagram users' personal information. The bug, discovered by security researcher Saugat Pokharel, was exploitable by business accounts that were given access to an experimental feature the company was testing. Saugat Pokharel, an experienced bug hunter from Nepal, discovered the bug.
Facebook has said the bug was only accessible for a short period of time, as the experiment was started in October. Pokharel found that the attack worked on accounts that were set to private and accounts that were set to not accept DMs from the public.
When you sign up for an Instagram account, the platform assures that the email address and birthdays of users would not be visible to other users.
However, the bug that was discovered by Saugat Pokharel could have exposed the sensitive information of users to the attackers. If an account did not accept DMs, the user potentially would not receive any notification indicating their profile may have been viewed," the report said on Friday.
As per Pokharel, the bug came to the fore because of an experimental feature that Facebook was testing. Some of the business accounts were given access to the experimental feature that Facebook was testing and was exploitable by them.
Facebook patched the vulnerability after being reported.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.