Just recently, there was a huge data breach exposing almost 235 million Instagram, YouTube, and TikTok accounts. This occurred because of an improperly-secured cloud database. This leak occurred due to web scrapping. Web scrapping is not illegal, however, social media companies strictly prohibits because it exposes data of its users.
Web scraping is an automated process that gathers information from websites. Then, these information will be used by analytics firms to create a huge database of information.
Data breach discovery
Comparitech’s lead researcher Bob Diachenko discovered this data breach when he discovered three identical copies of the exposed database online at the beginning of August. Later, Diachenko and his team examined the data and found out that these data belonged to a company called Deep Social.
However, Social Data had already shut down its operations. Then, they alerted Deep Social about the breach, however, Deep Social forwarded the message to a Hong-Kong based firm called Social Data. Social Data denied any connection with the Deep Social company, but they did secure the database with a password.
Recommended:
- What is the data breach? How does data breach affect you?
- Instagram awards $6000 to Saugat Pokhrel after he discovers a bug in Instagram
What data were leaked?
Comparitech, after finding the breach, the analyzed the data and they found the following information on the breached data:
- Profile name
- Full real name
- Profile photo
- Account description
It also contained statistics about the user engagement and had the following information:
- Number of followers
- Engagement rate
- Follower growth rate
- Audience gender
- Likes
- Audience age
- Audience location
- Last post timestamp
- Age
- Gender
Among these 235 million data that the web crawler scrapped, 191 million were from Instagram, 42 million were from TikTok, and almost 4 million were from YouTube.
Recommended:
- GoDaddy Confirms Data Breach: What 19 Million Customers Need To Know
- How to prevent applications from collecting your data on your Android smartphone.
Why is the breach of publicly available data worrisome?
Although these data are publicly available to anyone, it is still worrisome and vulnerable if it is leaked in such a huge volume. Moreover, they had stored these data in a well-structured database. This means that the person who gets access to such a huge amount of data does not need to aggregate and group them into a structured database as it is already done.
Because of this reason, the person with the data can get more valuable information and insight that he/she would get from individual account data. This possibility makes it very useful for spammers to spam others, as well as for people to conduct identity theft. For this reason, this data breach could be cause problems if it fell to the wrong hands.
Note: For now, just make sure to stay away from spams and make sure not to open any links form unreliable sources. This way, even if your data was leaked, you will be alert as to not fall into their spam.
Follow ICTByte on Facebook for more updates: Facebook
