The flaw was presented in a new feature of the social network, implemented to comply with the GDPR
A security flaw in “Download Your Data”, the recently launched Instagram tool, could have exposed the passwords of some users, as reported by specialists in digital forensics from the International Institute of Cyber Security.
The tool, launched by Instagram just before the entry into force of the GDPR, the European Union’s data protection regulation, is designed to allow users to view and download the personal data that the social network platform has compiled about them.
A spokesperson for the company stated for several cybersecurity and digital forensics media that the incident only affected ‘a small number’ of Instagram users.
“The number of people affected is not the most relevant point; this incident generates serious doubts about how Instagram manages the users’ information”, said Rich Campagna, chief marketing officer of a computer security and digital forensics firm. “Since Instagram is owned by Facebook, which has been experiencing major security issues, it’s no surprise that Instagram shows similar security bugs”.
“Despite recent incidents of massive data theft, many companies keep managing their customers, employees and collaborators’ data in a very poor way,” Campagna believes. “The worst part is that these kinds of incidents will continue to be present, at least until companies, regardless of their size or prestige, begin to provide the proper protection measures for the data they store in their systems”.
According to specialists in digital forensics, Instagram has almost 400 million of daily active users, in addition, it is estimated that about 97 million photos and videos a day are shared in this social network platform.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.