Instagram confirmed on Tuesday that security researcher Christian Lopez Martin discovered a bug which, when exploited, could expose a user’s private photo feed to the public. As Forbes noted, Instagram fixed the bug in early February, but only after it had been a vulnerability for the previous six months. As a reward for finding the exploit, Instagram paid Martin an undisclosed sum per its bug bounty program. Instagram told Re/code that it had found no evidence of any accounts compromised using the bug.
This article originally appeared on Recode.net.
We have a request
Vox's journalism is free because we believe that everyone deserves to understand the world that they live in. That kind of knowledge helps create better citizens, neighbors, friends, parents, consumers and stewards of this planet. In short, understanding benefits everyone. You can join in on this mission by making a financial gift to Vox today. Reader support helps keep our work free, for everyone. Will you join us?
Yes, I'll give $120/year
Yes, I'll give $120/year
We accept credit card, Apple Pay, and
Google Pay. You can also contribute via