Instagram exposed user credentials in plain text. THe number of users is not yet disclosed, but the company says it affected "a very small number of people."
In late August, Instagram had another security flaw allowing hackers to gain access to phone numbers and emails for many "high profile" users. Also reported that month, hundreds of instagram users were locked out of their accounts caused by a widespread hacking campaign.
These social sites are rich with personal identifiable information from millions of daily active users and will continue to be targeted by hackers.
Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users' passwords in plain text. The company recently started notifying affected users of a security bug that resides in a newly offered feature called "Download Your Data" that allows users to download a copy of their data shared on the social media platform, including photos, comments, posts, and other information that they have shared on the platform. To prevent unauthorized users from getting their hands on your personal data, the feature asks you to reconfirm your password before downloading the data. However, according to Instagram, the plaintext passwords for some users who had used the Download Your Data feature were included in the URL and stored on Facebook's servers due to a security bug that was discovered by the Instagram internal team.