Instagram 'Download Your Data' Tool Security Flaw Exposed Some Users' Passwords

Advertisement
By Tasneem Akolawala | Updated: 19 November 2018 18:38 IST
Highlights
  • Instagram has reported of a new bug in the data download tool
  • The tool mistakenly shared the user's password via a link
  • The bug has been fixed by Instagram
Instagram 'Download Your Data' Tool Security Flaw Exposed Some Users' Passwords

Instagram launched the data download tool in April this year

Instagram has reported to a few of its users that their password information may have been compromised due to a bug in the new 'Download Your Data' tool. Instagram has confirmed that the URL shared while using the tool included the user's password information as well, something that should not be the case. If this tool was used on a shared computer, this password information in the URL could potentially lead to misuse. The company notes that it has already fixed the bug, but recommends users to change their passwords nevertheless.

The 'download your data' feature was launched in April and it lets users export their photos, videos, archived Stories, profile, info, comments, and non-ephemeral messages. This tool gathers all your data, makes it ready for download, and then sends the user a link via email, clicking which will enable users to download all their Instagram data. Due to the security bug, the link also included the users' account password information erroneously, compromising the user's privacy. The Information reports that an Instagram spokesperson had confirmed that the issue was "discovered internally and affected a very small number of people."

While the link was shared to the user privately via email, if this link was accessed via a public or shared computer, it could risk the users' account credentials being compromised. Instagram says that it has already fixed the issue at hand. "If someone submitted their login information to use the Instagram 'Download Your Data' tool, they were able to see their password information in the URL of the page. This information was not exposed to anyone else, and we have made changes so this no longer happens," and Instagram spokesperson told The Verge.

Even though the issue is fixed, a security researcher cited by The Information brings to light a larger issue with the bug, saying it would only have been possible if Instagram stored users' passwords in plain text format. The Instagram spokesperson disputed this claim saying that the company hashes and salts its stored passwords. While Instagram says that the issue has affected a very small number of people, we recommend that you change your password immediately, and use the data download tool with caution.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Instagram
Amazon, Apple Deal Win-Win Game for Both: Counterpoint
Xiaomi India Claims Its New Business Will 'Forever Change Rural Retail'
Advertisement

Related Stories

Instagram Map With Location Sharing Rolls Out Alongside TikTok-Inspired Friends Tab and Reposts
7 August 2025
Instagram Announces Post-Level Demographics, Viewers Metric, and More Features for Creators
5 August 2025
Instagram Not Allowing Users To Go Live If They Don’t Have 1,000 Followers
4 August 2025
WhatsApp Said to Be Testing Feature That Lets You Import Profile Photos from Facebook or Instagram
28 July 2025
Meta Announces New Safety Features for Instagram Teen Accounts, Adult-Managed Profiles for Children
23 July 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. iQOO 15 Teased Again as iQOO Prepares to Launch Its Next Flagship Phone
  2. Flipkart Independence Day Sale 2025 Will Start on This Date
  3. Tesla Opens First Experience Centre in India in New Delhi's Aerocity
  4. Upcoming Honor Smartphone Could Feature a Massive 10,000mAh Battery
  5. Redmi Pad 2 Review: The Budget Tablet Done Right
  6. Tecno Spark Go 5G India Launch Date Revealed: Check Features, Availability
  7. These iPhone 17 Models Could Be More Expensive Than Last Year's Models
  8. Realme GT 8 Launch Teased; Tipster Leaks Key Specifications Ahead of Debut
  9. Oppo K13 Turbo Series Launched in India With Built-In Fan, 7,000mAh Battery
  10. Oppo K13x 5G Review
#Latest Stories
  1. SpaceX to Fly Italian Science Experiments to Mars on Starship in 2026
  2. SWOT Satellite Captures Tsunami Wave After Kamchatka Quake
  3. Inspector Zende OTT Release Date: When and Where to Watch Manoj Bajpayee Starrer Thriller Online?
  4. Microsoft Lens App to Be Retired at the End of This Year, Company Suggests Users Switch to Copilot
  5. Smartphone Shipments in India Grew 7.3 Percent YoY in Q2 2025; Vivo Retains Top Spot
  6. Microsoft Faces Lawsuit Over Decision to End Windows 10 Support
  7. Oppo Find X9 Ultra to Feature Bigger Dual-Cell Battery Than Find X8 Ultra, Tipster Claims
  8. Samsung Galaxy M17 5G Reportedly Listed on Google Play Console Ahead of Debut
  9. Samsung Galaxy Tab A11 Live Image Surfaces on Safety Korea Database in Sign of Imminent Launch
  10. ChatGPT’s Health Advice Sends 60-Year-Old Man to the Hospital, Raises Questions on Its Reliability
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.