Facebook Expands Their Bug Bounty Program To Include Third-Party Instagram Data Abuse

  • 2

Facebook’s challenges multiplied after acquiring Instagram. While they were already dealing with lots of security mess-ups with Facebook and Messenger, Instagram problems further added to their miseries. While they already included Instagram in its bug bounty program, it seems the tech giant is now gearing up to tackle Instagram data misuse as well. Reportedly, Facebook expands its bug bounty program to include Instagram data abuses by third-parties.

Facebook Bug Bounty Includes Instagram Data Abuses

According to a recent announcement, Facebook now plans to expand its bug bounty program to include Instagram abuses. Precisely, this move will cover misuse of Instagram data by any third-party apps under Facebook’s Data Abuse Bounty program.

As announced by Facebook’s Security Engineering Manager Dan Gurfinkel, the company plans to protect Instagram users’ information more efficiently. Thus, it will let the researchers report problems and data abuses related to Instagram. Moreover, it will also reward them with bounties. As stated in the announcement,

Our goal is to help protect the information people share on Instagram and encourage security researchers to report potential abuse to us so we can quickly take action.

Enhanced Security Focus At Checkout On Instagram Too

Apart from announcing bounties for Instagram data abuses, Facebook also shed light on another bounty opportunity. As announced, Facebook is also starting an invite-only bug-hunting program for ‘Checkout on Instagram’ – a convenient online shopping feature. Describing this functionality, Gurfinkel stated,

Checkout on Instagram allows people to purchase products directly on Instagram without leaving the app.

Specifically, Facebook has invited a ‘selected group of security researchers to assess this Instagram functionality. These researchers, who have already collaborated with Facebook, can now get ‘early access’ to the feature.

As part of their participation, the researchers will receive early access to the feature and receive bounty awards for eligible reports. The researchers who are helping us test this feature have previously submitted high-quality research to our bug bounty program.

In September 2018, Facebook made a similar expansion in its bug bounty program. That time, they included reports for third-party access token exposure.

Take your time to comment on this article.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!