Unsecured Database Exposed 49 Million Instagram Influencers Records From Scraped Data

An unprotected database hosted on Amazon Web Service (AWS) has exposed millions of records publicly. The database allegedly contained scraped Instagram Influencers data. While the researchers traced the owner of the database, things remain shady about how the source collected such detailed data.

Scraped Instagram Influencers Data Exposed

As revealed by TechCrunch, a researcher has found an unsecured database exposing millions of records online. The database included around 49 million records from scraped Instagram Influencers data.

Reportedly, the researcher Anurag Sen found the publicly open database leaking explicit profile records of Instagram Influencers. TechCrunch also verified the inclusion of data belonging to prominent celebrities, influencers, and food bloggers. The exposed data included details such as profile picture, bio, number of followers, account verification status, city and country, and some private data including accounts’ email address and phone number.

Alongside profile data, the leaky database with scraped data also contained metrics for every account. As stated by TechCrunch,

Each record in the database contained a record that calculated the worth of each account, based off the number of followers, engagement, reach, likes and shares they had. This was used as a metric to determine how much the company could pay an Instagram celebrity or influencer to post an ad.

Leaky Database Now Closed, But…

This database allegedly belongs to an Indian marketing firm ‘Chtrbox’ that sponsors paid content on influencers’ accounts. Upon receiving the report of the matter, Chtrbox closed the open database.

Nonetheless, it remains unclear how they gathered the data. TechCrunch contacted some of the influencers whose data was available in the exposed records. They did verify their information, but denied any link with Chtrbox. It hints the firm would have scrapped this data from Instagram.

Facebook, the owners of Instagram, assures that they plan to investigate the matter, as per their statement,

We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources. We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available.

Last month, another researcher Sanyam Jain spotted a leaky database having scraped data of Linked In users. That time too, the database, hosted on Amazon, exposed around 60 million records. However, the owners of the database remained unverified.

Let us know your thoughts in the comments.

Related posts

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs

Sign1 Malware Targeted Over 2500 WordPress Sites In Recent Campaign