Their information has been exposed through a database that was left completely unprotected on the web, waiting to be accessed by anyone who knew where to look.
Here is all you need to know about it.
On August 1, the team at security firm Comparitech caught Social Data, a Hong Kong-based social media analytics company, exposing three identical databases containing information on 235 million users of TikTok, Instagram, and YouTube.
The datasets, the researchers noted, had the public profile data of these users, including their full names, contact information, age, gender, images, and stats about followers.
The information in the database suggested that its source was Deep Social, an analytics platform that shut down in 2018 after being banned by Facebook and Instagram for mining data from users' profiles.
Now, this indicates that the data in question here was collected through Deep Social's modus operandi of web scraping, a technique of gathering data from web pages in an automated manner.
When Comparitech reached out to Deep Social, they forwarded the request to Social Data, which acknowledged the error and took the exposed database offline.
Social Data's spokesperson clarified, "Please, note that the negative connotation that the data has been hacked implies that the information was obtained surreptitiously. This is simply not true, all of the data is available freely to ANYONE with Internet access."
Even though web scraping is legal, social media firms, including the ones in question here, prohibit the practice through their terms.
This reason being: Gathering data on a large scale could lead to massive phishing attacks and cases of financial/identity theft.
In this case, around one in five entries either had a phone number or email, which could be used for targeted attacks.
Notably, Social Data has not revealed whether anyone else accessed this information before Comparitech got to it. If that has happened, the risk of phishing may still loom. To check if your passwords/emails have been leaked, visit haveibeenpwned.com.
Love Science news?
Subscribe to stay updated.