Thanks to an apparent bug, hackers were recently able to gain access to multiple "high-profile" Instagram users' email addresses and phone numbers. Instagram announced the discovery in a statement to the Verge Wednesday, just two days after Selena Gomez's account was hacked.
"We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users' contact information — specifically email address and phone number — by exploiting a bug in an Instagram API," an Instagram spokesperson said. "No account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation."
Though the bug has since been resolved, all Instagram users with a verified account have been contacted regarding potential breaches and advised to use caution when receiving emails or calls from unknown parties. Instagram did not mention specific accounts in their statement, but did note that the hackers were able to successfully use the bug to their advantage on multiple accounts. Multiple reports have theorized that Gomez's hack, which occurred Monday, was likely a result of the API bug.
Gomez's hacked account shared multiple previously published nude images of Justin Bieber. Within hours, Gomez's account had been recovered and returned to Gomez's control. Gomez did not publicly comment on the incident.
For both verified and pedestrian accounts alike, Instagram suggests being cautious with which third-party apps are allowed access. Additionally, users should choose a complicated password (preferably including a combination of numbers, letters, and punctuation marks) that isn't used on any other social media account. For the best results, routinely change your password every few months. Two-factor authentication is also a very good idea.
Instagram did not immediately respond to Complex's request for additional comment.