Cyber Crime
Data Of 2.6 Million Instagram and TikTok Users Including Ariana Grande, Kim Kardashian, Kylie Jenner Exposed Online: Security Firm
NEW DELHI: Security experts discovered over two million social network user accounts scraped from the internet after an analytics company mistakenly released them online.
Anurag Sen of the anti-virus reviews site SafetyDetectives led a team that found the data on a misconfigured Elasticsearch server that had been left exposed with no password security or encryption.
It instantly traced the 3.6GB trove of over 2.6 million TikTok and Instagram profiles to IGBlade, a firm that provides its customers with marketing data on social media users.
IGBLade is a platform that provides its clients with “insights on any Instagram or TikTok account,” including data on follower growth, post engagement rate, and other metrics.
Although data scraping is not illegal, and all of the user information in the disclosed database was publicly available, it violates TikTok and Instagram’s terms of service.
The breach might also benefit cybercriminals, who can exploit vast amounts of user information collected in one location to expedite mass social engineering and fraud efforts.
According to the study, the compromised data was publicly available online for more than a month before the research team discovered it and contacted IGBlade. The Romanian company obtained it on the same day, July 5.
Full names and usernames, profile photos, “about” information, email addresses, phone numbers, and location data were all included in the collection. Celebrities such as Alicia Keys, Ariana Grande, Kim Kardashian, Kylie Jenner, and Loren Gray have all been caught up in the privacy scandal.
According to SafetyDetectives, the discovery may place IGBlade in hot water with the two social media behemoths.
Furthermore, if thieves had access to the cache, they might utilise it in subsequent phishing assaults and bulk robocalling schemes. According to the researchers, they might even utilise the stolen profile pictures to establish new false profiles for disinformation and fraud operations.
Follow The420.in on
Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube