Data on Millions of Instagram Accounts Spills Onto the Internet (May 22, 2019)
Security researcher Anurang Sen identified an Amazon Web Services (AWS) bucket that was publicly accessible to anyone who navigated to the correct URL. The database contained information associated to millions of Instagram accounts that appeared to have been scrapped from the profiles. The information consists of: account verification status, account follower count, biography, city, country, email address and phone number. The database is believed to be owned by the Mumbai-based social media marketing firm “Chtrbox.”
Recommendation: Always make sure your cloud storage is properly configured. Experts have been warning companies that Amazon S3 buckets are too often misconfigured. Leaked data can be used by extortionists in an attempt to make money. Ensure that any cloud storage services you use are properly configured to only allow access to trusted and authorized users. Require multi-factor authentication for access to the most sensitive materials you store.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.