235 million profiles of Instagram, TikTok and YouTube users leaked online

By Digit NewsDesk | Published on 21 Aug 2020
HIGHLIGHTS

235 million user profiles from Instagram, TikTok and YouTube leaked

Private details of users accounts left unsecured online

Data collected by using web scraping on social media platforms

235 million profiles of Instagram, TikTok and YouTube users leaked online

#IBMCodePatterns, a developer’s best friend.

#IBMCodePatterns provide complete solutions to problems that developers face every day. They leverage multiple technologies, products, or services to solve issues across multiple industries.

Click here to know more

Advertisements

235 million profiles of Instagram, TikTok and YouTube users have leaked online following a massive database that was left unsecured online by Social Data. The Hong-Kong based Social Data provides data sets on influencers from various social media platforms to marketers. According to Comparitech researchers who have published a full report on the data breach, the leaked database contains names, contact details, personal information, pictures, detailed account insights and more such private data sets.

The technique used to collate such a large database is called web scraping wherein an automated script collects bulk data from website and web pages. These 235 million user profiles on Instagram, TikTok and YouTube are public which is why companies like Social Data can acquire all the personal information that users put out on their social media accounts.

The report details as many as 192,392,954 user profiles from Instagram, 42,129,799 profiles from TikTok and 3,955,892 user records from YouTube as part of the large data sets leaked online. Comparitech says, “We do not know how long the data was exposed for prior to our discovery of it on August 1. We also do not know whether any unauthorized parties accessed it during the exposure. Our honeypot experiments show that hackers can find and attack unsecured databases within hours of being exposed.”

Are the leaked databases secured now?

After Comparitech reached out to Social Data to disclose the incident, the company acknowledged the exposed databases and took it down. Having said that, it is currently unknown as to for how long were these unsecured databases lying around and who might have accessed it in the time till it was taken offline.

What all user data was left exposed?

The researches found out that the databases left unsecured by Social Data contained data sets from a now-defunct company, Deep Social. Interestingly, Deep Social was banned by Facebook in 2018 for using their APIs to scrape data from the user’s profile. Subsequently, Deep Social terminated its operations and Social Data has denied any connections between the two companies, both of them involved in data scraping of social media influencers.

As per Comparitech, the four databases contained details about user’s profile name, real name, profile picture, account insights like the number of followers, likes, the growth rate of followers, engagement rate, and other demographic data of the audience along with a timestamp of the last post. Moreover, around 20% of the samples collected by the researchers contained either the mobile number or email address.

These datasets can be used to target users with marketing and phishing campaigns, making many users accounts vulnerable to a “mass attack”. Meanwhile, the pictures collected from these accounts can be used for facial recognition systems and can also be used to create fake accounts.

While social media companies have often barred data scraping companies to operate on their platforms, the practice has not stopped data collecting firms from using a more modern approach and tools to collect data in bulk.

We recommend our readers to be on a lookout for any phishing or spam emails and malicious links that could provide further access to attackers. In fact, Google has removed 25 apps from the Play Store for phishing Facebook log-in details. You can read more about that here

 
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status