- Leaked data includes names, contact information, personal information, images and statistics about followers.
- Comparitech, which identified the leak says the profiles were taken from publicly viewable social media pages.
In yet another massive data breach, 235 million Instagram, YouTube and TikTok (recently banned in India) user profiles have been leaked online.
According to security research firm Comparitech, the data was scraped by Social Data – a company that sells information to marketers.
Data scrapping uses automated technology to save information that people share publicly on social media. The controversial practice is used to save information such as users’ posts and photos to their profile details.
The recent leaked data includes names, contact information, personal information, images and statistics about followers.
According to Comparitech the profiles were taken from publicly viewable social media pages of the social media sites.
“Evidence suggests that much of the data originally came from a now-defunct company: Deep Social. The names of the Instagram datasets (accounts-deepsocial-90 and accounts-deepsocial-91) hint at the data’s origin,” a post by Comparitech said.
Three identical copies of the data were hosted at three separate IPv6 addresses. In total, each one stored data on about 235 million social media profiles. Here is a breakdown of the largest datasets:
- 96,714,241 records scraped from Instagram
- 95,678,713 records scraped from Instagram
- 42,129,799 records scraped from TikTok
- 3,955,892 records scraped from Youtube
Although Social Data insists it only scrapes what is publicly accessible, the practice is against Facebook, Instagram, TikTok, and YouTube terms of use.
Debate still continues about the legality of data scraping as some argue that all information is publicly available data and in no way violates privacy. However Facebook has made its stand clear that companies are not allowed to scrape data using automated means from its platforms without prior permission.