According to TechCrunch
, an Instagram database containing the private information of 49 million members, was accidentally left exposed on Amazon Web Services. The database could have been viewed by anyone since it did not have a password for protection. The accounts in the database included those belonging to Instagram influencers, celebrities, and corporate brand accounts and contained their biographies, profile pictures, number of followers, location (city and country), phone numbers and email addresses.
The leak was discovered by security researcher Anurag Sen, who then contacted TechCrunch to help find the owner of the database. As it turns out, the information belonged to a social-media firm in India called Chtrbox that pays influencers to put up sponsored content on their Instagram accounts. The data included a ranking of each influencer depending on the number of followers they each have and the response to their posts by other Instagram members. While Chtrbox hasn't commented yet on the matter, the database has since been taken offline.
Facebook bought Instagram in April 2012 for approximately $1 billion and said that it will investigate the incident.
"We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources. We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available."-Facebook