The woes and security faux pas Instagram and its parent company Facebook doesn’t seem to end. It was recently reported that Instagram’s Download Your Data tool had a security flaw that accidentally leaked passwords in plain text. The tool was designed to let users get a file of all the pictures, comments, and other information they’ve shared on the platform be downloadable. It was rolled out in April to comply with new data privacy regulations in Europe as well as address any privacy concerns users had in the middle of the Cambridge Analytica scandal. Unfortunately, there was a security issue that included passwords being sent in plaintext in the URL. And for some reason, these were stored on Facebook’s servers, too. But the company said these have since been deleted. The issue has also been fixed, according to Instagram.
According to a spokesperson from the company, only a “small number of people” were affected and they were informed if they were affected by the security vulnerability. If you didn’t hear anything from Instagram, it means you’re safe. But if you’ve used the tool, it might be better to start updating those passwords and activating two-factor authentication for good measure. And if you use that password for other accounts, better update passwords there, too.
Source: Digital Trends