Want to harvest account details for potential targets? Facebook is your friend it seems…:
A now-patched Instagram vulnerability could have exposed users’ account data and phone numbers to cyberattackers, parent company Facebook confirmed in a new report from Forbes.
The bug was discovered by an Israeli hacker who goes by the handle @ZHacker13. It could have potentially been used to access user data including names, full phone numbers, and Instagram account numbers and handles – all an attacker needs to narrow their focus on a specific person.
It’s the latest in a series of bad news for Facebook, which recently patched an account-takeover flaw in Instagram that would have let an attacker take over any account by resetting its password. Earlier this month, 419 million phone numbers belonging to Facebook users were found publicly accessible in a third-party database left online without password protection.