Private contact data of millions of Instagram users was reportedly exposed

Andy Meek

Facebook is investigating a report that claims the private contact data for millions of the influencers, brands, and celebrities who use the company’s Instagram subsidiary has been exposed online.

That news comes via TechCrunch, which recounted in a post on Monday that an unprotected database hosted by Amazon Web Services included private emails and phone numbers for millions of high-profile Instagram users. In all, more than 49 million records were reportedly contained in the database.

Related Stories:

Instagram will test hiding how many 'likes' your posts get so you'll stop obsessing
Facebook now says 'millions' of Instagram passwords were exposed, not 'tens of thousands'
You could win a year of free flights from JetBlue, but there's a wild catch

A Facebook spokesman told TechCrunch it’s looking into the matter and that “Scraping data of any kind is prohibited on Instagram.” According to the publication’s report, a security researcher named Anurag Sen found the database and alerted the news site to its existence. The site, in turn, says it traced the database to the social media marketing firm Chtrbox, based in Mumbai.

That firm apparently pays influencers for sponsored posts — moreover, it seems this database also assigned an estimated worth to each account in the database based on things like its number of followers and overall reach. It’s the kind of information that would be used to determine how much to pay an influencer for one of those sponsored posts.

TechCrunch says it reached out to some of the Instagrammers whose data it came across. The site was able to contact several random people based on private data found in the database, underscoring its legitmacy — though the site reports the database has also since been taken offline.

The Facebook spokesman added that the social network is looking into how this happened and what data was obtained and that the company “will share an update soon.” Of course, this comes some two years after a version of the same thing happened before, when Instagram acknowledged that a security bug let hackers improperly get their hands on private contact data for six million Instagram accounts.

BGR Top Deals:

  1. Surprise: Amazon’s early Prime Day sale with $25 Fire TV Sticks is somehow still going
  2. Don’t spend $159 on AirPods when the world’s first HDR Bluetooth earbuds are almost $100 less

Trending Right Now:

  1. Everything new coming to Netflix this week, and everything leaving (week of May 19)
  2. It’s official: The ‘Game of Thrones’ series finale was the worst episode in the show’s history
  3. Top Samsung insider teases some big Galaxy Note 10 design changes we didn’t see coming

See the original version of this article on