Skip to main content
  1. Home
  2. Phones
  3. Mobile
  4. News

Instagram tool accidentally exposes user passwords. Were you affected?

Add as a preferred source on Google

The Instagram tool that allows users to download a copy of their data from the social media platform had a security flaw that accidentally leaked passwords in plain text.

In April, Facebook-owned Instagram rolled out a Download Your Data tool that sends users a file containing all the pictures, comments, and other information that they have shared on the platform. The feature was rolled out to comply with new data privacy regulations in Europe and to address the privacy concerns of users around the world amid Facebook’s Cambridge Analytica scandal.

Recommended Videos

Unfortunately, the Download Your Data tool contained a security issue that also sent users their passwords in plaintext in the URL, The Information reported. In addition, for some reason, the passwords were also stored on Facebook’s servers, though they have since been deleted.

The security issue of the Download Your Data tool, which has already been fixed, only affected a “small number of people,” a spokesperson told The Information. However, these users may have had their Instagram passwords exposed if they were using a shared computer, or if they were on a compromised network. If they use the same password on other websites or apps, then the security issue becomes a bigger problem.

Instagram sent notifications to the users who were affected by the vulnerability, so those who were not contacted should not worry about their account passwords being compromised. However, for all Instagram users who recently utilized the Download Your Data tool, changing your password or activating two-factor authentication would not hurt, just to be sure.

The newly exposed bug follows a strange Instagram hack in August that locked users out of the platform because their account information, particularly their password, mobile number, and email address, were changed. In several cases, the emails linked to the compromised accounts were changed to Russian emails. The accounts, however, did not share new images, nor did they delete old ones.

Instagram hacks come in several different forms, and users will need to perform specific actions to recover their Instagram accounts. Here is a guide on what to do if you suddenly find yourself a victim of Instagram hacks, so that you can get your account back.

Aaron Mamiit
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
Galaxy Z Fold 8 Ultra: Everything we know about Samsung’s next flagship foldable
Though it will feature improvements across the board, the memory crisis might not spare Samsung’s Fold 8 Ultra.
Electronics, Speaker, White Board

The Samsung Galaxy Z Fold 8 Ultra is not the phone that reimagines what a foldable looks like. As that job falls to its sibling, the wider-screen Galaxy Z Fold 8, the Ultra could come as the direct successor to the Galaxy Z Fold 7, with the same tall, narrow design and the same book-style proportions, for the same audience. 

If you've used a Samsung Galaxy Z Fold in the past and think that the shape is perfect for you, the Fold 8 Ultra could be just the right phone for you. It has a redesigned inner display, a substantially larger battery, faster charging, and the new Flex Titanium technology designed to minimize the crease that has troubled Samsung's foldables for years. 

Read more
Your OnePlus phone is switching to ColorOS, whether you like it or not
OnePlus has confirmed that OxygenOS is being phased out, and eligible devices will get the option to update to ColorOS 17 once it becomes available.
Person holding OnePlus 15.

OnePlus has confirmed that OxygenOS, the Android skin that helped define the brand for more than a decade, is being retired in favor of ColorOS. The confirmation came buried in the community forum post announcing its exit from North America and Europe.

ColorOS replaces OxygenOS worldwide

Read more
Personal Intelligence in Search now connects to Google Calendar
Google Search AI can now read your Calendar and add events automatically
Google Calendar

Google is taking another step toward making Search feel less like a search engine and more like a personal assistant. The company has announced that AI Mode's Personal Intelligence can now connect directly to Google Calendar, allowing it not only to reference your schedule but also to create calendar events on your behalf.

Until now, Personal Intelligence mainly pulled information from apps like Gmail and Google Photos to provide more relevant responses. Calendar changes the equation because it becomes the first connected Google app that doesn't just provide context. It can actively act. The feature is rolling out now to users in the United States, with a wider international rollout planned later.

Read more