Instagram this evening is alerting users that it has suffered a security breach exposing the contact information of “high-profile” users. The news of this hack comes just days after celebrity Selena Gomez had her account comprised, but it’s unclear if the two events are related.
Instagram says the breach has revealed the email addresses and phone numbers associated with each account, but passwords were not exposed. The social network attributes the hack to someone exploiting a bug in an Instagram API.
In the statement, obtained by Variety, Instagram encourages users to “be vigilant” about the security of their account and to use caution if they receive any recognized calls, texts, or emails.
Instagram hasn’t specific which accounts were part of the breach, but it says that the API glitch made it possible for the hacker to obtain code that contained the email and phone information of the targeted users, which it believes were “high-profile” accounts only.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information – specifically email address and phone number — by exploiting a bug in an Instagram API,” a rep said in a statement.
“Our main concern is for the safety and security of our community,” Instagram said. “As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails.”
The company says it has alerted the affected accounts while it continues to direct all users towards its security tips webpage where it encourages two-factor authentication and other security measures.