Instagram has come out to inform its users that due to a security flaw, their passwords could have been exposed. An Instagram spokesperson who addressed The Information, said that the issue was ‘discovered internally and affected a very small number of people’.
The security flaw lies in the ‘Download Your Data’ tool, which was developed to comply with the EU GDPR regulations.
ALSO READ:Â Instagram Introduces Time Limits Feature
For some users it could have included their password in the URL of the link they’ve been sent to, um, download their data. If you are using a shared computer, that link would have exposed your password to other people using it.
It remains a mystery why Instagram would store passwords in plain text, which is considered bad practice – like, really bad practice. This one editor here has just requested his data and is waiting to see the URL.