“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” an Instagram representative noted in a statement. Luckily, it would appear that account passwords were kept safe, but all the same, it’s an alarming security loophole in an app that boasts more than 700 million users a month.
Instagram’s announcement comes on the heels of another extremely high-profile hack. Earlier this week, Selena Gomez, who boasts the greatest number of followers on the platform, saw her own Instagram profile hacked. As a result, nude photos of ex-boyfriend Justin Bieber were posted to her account. The social media platform briefly shut down the account to help Gomez restore control of the profile and re-secure exclusive access.
But now, it’s not just Gomez who may need to be concerned. Instagram has not yet disclosed whether the latest breach is at all related to the earlier hack and also has not revealed exactly whose accounts were affected.
“At this point we believe this effort was targeted at high-profile users so, out of an abundance of caution, we are notifying our verified account holders of this issue,” an Instagram spokesperson told Fortune in a statement. So if you have a little blue check next to your name in your Instagram account, you will be getting an email from Instagram regardless of whether or not you were affected by the breach, reminding you to make use of two-factor authentication and unique passwords.
“Our main concern is for the safety and security of our community,” Instagram said. “As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts, and emails.”
