November 24, 2018
A warning has been issued by Instagram that a number of users of the social media platform have had their password details disclosed by a safety leak.
Unluckily, this breach happened because of a fault in the ‘Download Your Data’ instrument that Instagram added to the platform to permit users to download a copy of their own data. Instagram delivered these users their passwords in plain text. This aspect was applied in April in order to make sure compliance with the EU General Data Protection legislation which became enforceable on May 25 this year. The instrument was developed because of secrecy concerns in the aftermath of Facebook’s Cambridge Analytica scandal.
The disclosed passwords were also saved on Facebook’s servers because of the partnership between the platforms. Nevertheless, they have since been removed from these databases.
Instagram disclosed, late last week, that it has modified the tool to tackle the issue. They also assured users that they would be more cautious with data secrecy going forward. Facebook has also verified that Instagram has removed any registered passwords. It has also suggested users modify their passwords and clear their browser’s record. On November 20 Instagram tweeted: “We know some folks are having a problem retrieving Instagram right now. We know this is annoying, and we’re working to settle the issue as soon as possible.”
This is just the latest in a long list of secrecy breaches that big international Internet and Social Media firms have had to cope with in 2018. They contain:
- Facebook Facing GDPR Investigation over Audience Targeting Methods
- Facebook Reveals Almost 50m Accounts Holders Have Privacy Violated in Cyber Attack
- Facebook Hit with UK£500k Fine for Pre-GDPR Data Breach
- Google+ to Close as Irish DPA Investigates GDPR Breach
- Tech Giants including Facebook and Google Subject to GDPR Complaints
- Twitter Under Review by Irish DPA for Possible GDPR Violations
- Microsoft Office Under Investigation Large GDPR Breach
The consequences of beaches like this are harsh. Fiscal penalties can be as high as €20m or 4% of yearly international income – whichever figure is higher.