Facebook has launched an investigation after contact information of almost 50 million Instagram users were allegedly leaked from an online database, according to several news reports. The incident, which was first discovered by TechCrunch, found email addresses and phone numbers exposed, including those of high-profile influencers.
The database in question was managed by an influencer marketing tool company based in India. Speaking to news outlets, Facebook said that it is looking into the issue to understand if the data described was from Instagram or from other sources. It is currently unsure the origin of the data and how it became publicly available. The social media giant has sent an inquiry to Chtrbox. Marketing has reached out to Facebook for further updates.
The discovery found the database to be unprotected by a password or encryption. It has since been taken down. According to its website, Chtrbox is a company that connects brands and influencers in India for marketing campaigns and sponsorships.
In April, datasets from two third-party Facebook apps were exposed to the public. Over 540 million records stored on Mexico-based media company Cultura Colectiva were exposed and a separate backup from a Facebook-integrated app titled “At the Pool” was found on Amazon’s cloud servers. According to cybersecurity firm UpGuard, both exposed datasets contained data about Facebook users, describing their interests, relationships, and interactions.
This is not the first time the social media platform has faced data and privacy breach. In April last year, Facebook found potentially 65,009 users in Singapore at risk of having their information improperly shared with Cambridge Analytica. The platform also confirmed that 1,096,666 accounts in Indonesia were put at risk as well.