Turns out we all may be “high profile” in the eyes of Instagram.
A bug in the social media company’s API reportedly allowed hackers to gain access to account holders’ phone numbers and email addresses, with Instagram assuring everyone on Aug. 30 that it was the celebs of the world who were targeted. But that was then.
Things are looking just a tad bit different now, with reports suggesting that as many as 6 million accounts were possibly affected and that regular old users may have fallen victim as well.
The company issued a new statement on Sept. 1, copping to the fact that things may be worse than it originally admitted.
“After additional analysis, we have determined that this issue potentially impacted some non-verified accounts as well,” a spokesperson told Mashable via email. “Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts.”
A “low percentage” of 700 million accounts — the current number of monthly active users on Instagram — is still quite a lot of accounts.
According to The Daily Beast, the person or persons responsible for the hack have gone so far as to create a searchable database allowing anyone to find the contact details of any affected user — all for the low low price of approximately $10 (paid in Bitcoin, of course).
“Out of an abundance of caution, we encourage you to be vigilant about the security of your account, and exercise caution if you observe any suspicious activity such as unrecognized incoming calls, texts, or emails,” wrote CTO Mike Krieger in a Sept. 1 blog post. “Additionally, we’re encouraging you to report any unusual activity through our reporting tools.”
In other words, this hack didn’t just affect “high-profile Instagram users” as the company initially suggested. You and I are at risk as well — so much so that Instagram is warning us all to be on the lookout.
So look out, because this is shaping up to be way worse than anyone initially thought.