Firm at centre of Instagram breach denies storing personal details
Chtrbox claims initial reports around the breach are ‘inaccurate’.
An Indian marketing firm at the centre of an Instagram data breach has called claims about the incident “inaccurate”.
A report by US website TechCrunch claimed personal contact information for a number of influencers and brands had been found on a server which was unprotected, and potentially accessible by anyone
Mumbai-based Chtrbox said the database was “inadvertently exposed for approximately 72 hours”, and claimed it was not holding any personal data on users.
We have never sold individual data or our database, and we have never purchased hacked data resulting from social media platform breaches Chtrbox
“This database did not include any sensitive personal data and only contained information available from the public domain, or self-reported by influencers,” the company said in a statement.
“We would also like to affirm that no personal data has been sourced through unethical means by Chtrbox.
“Our database is for internal research use only, we have never sold individual data or our database, and we have never purchased hacked data resulting from social media platform breaches.
“Our use of our database is limited to help our team connect with the right influencers to support influencers to monetise their online presence, and help brands create great content.
“Chtrbox is an influencer marketing company, operational only in India.”
Following the initial report, Facebook-owned Instagram released a statement which said it was still looking into the incident.
The possibility of third parties mishandling user data is something we take seriously, which is why we’re quickly working to understand what happened Instagram
“We are investigating whether a third party improperly stored Instagram data, in violation of our policies,” a spokesman said.
“It’s also not clear whether the phone numbers and emails in Chtrbox’s database came from Instagram.
“Regardless, the possibility of third parties mishandling user data is something we take seriously, which is why we’re quickly working to understand what happened.”
Facebook has been at the centre of several data scandals involving the third-party use or mishandling of personal user data, most notably the Cambridge Analytica incident in 2018.
It has since looked to tighten controls around the third-party use of personal data.
Chtrbox describes itself on its website as “the leading platform for brands to discover and collaborate with all kinds of talented influencers in India”.