And while the social media platform claimed it was limited to holders of verified accounts, it appears as if it hit non-verified members as well. Mike Krieger, co-founder and CTO, Instagram said that the company has fixed the bug, though it was unable to identify the affected accounts. A hacker group by the name - 'Doxgram', has claimed responsibility for the hack and now it is offering details from the stolen accounts for mere $10 per lookup in the underground internet.
Personal data exposed in the hack include email addresses and phone numbers.
Russia's Lavrov Accuses US of 'Solo Breakdancing'
And in the announcement Thursday, State Department spokeswoman Heather Nauert said this was another step "in the spirit of parity invoked by the Russians ".
Instagram admitted the security bug in a letter today, though it downplayed how many users had been affected. But before they could release the update, hackers have attacked on millions of accounts including the high profile celebrities. However, hackers are always working on the ways to hack accounts and they did the same with Instagram. No passwords or other Instagram activity was revealed. "Instagram clearly hasn't yet understood the full impact of this bug", one of the people behind the site, dubbed 'Doxagram, ' told The Daily Beast...
Per the Verge, cybersecurity firm RepKnight said supposed contact information for a number of celebrities featured on Doxagram was circulating on the dark web, ranging from Hollywood celebs like Emma Watson and Leonardo DiCaprio to musician Harry Styles and boxer Floyd Mayweather.
"Although we can not determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts", a spokesperson told Mashable. Krieger wrote, "Protecting the community has been important at Instagram from day one, and we're constantly working to make Instagram a safer place".
Instagram discovered that a bug in their application's programming interface, was to blame for the latest hacking reports. It's highly probable that after this per-request-sale, hackers will try to sell the entire data dump altogether.