Hackers have taken advantage of a security flaw in Instagram’s application program interface to gain access to the accounts of high-profile users, the Facebook Inc.-owned app provider confirmed Wednesday.

The attack involved the hackers gaining access to user accounts through Instagram’s API, giving them the ability to steal telephone numbers and email addresses and control content on the victim’s account. Instagram’s API allows third-party apps and sites to gain access to Instagram — a gateway into Instagram of sorts — and it was through this back door the hackers gained access.

Instagram was quick to deny that any password information was accessed or stolen, saying in a statement that while email addresses and phone numbers were compromised, “no account passwords were exposed.”

After noting that it had “fixed the bug,” the app maker added that its “main concern is for the safety and security of our community” and that it encourages people to be “vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails.”

The admission by Instagram that its API had been used to compromise high-profile accounts comes days after singer Selena Gomez was targeted with pictures of Justin Bieber naked appearing on her account. Although it has not been confirmed that this was an instance of hackers exploiting Instagram’s API to gain access, the timing makes it highly likely.

Instagram has gone from strength to strength in 2017, evolving from what was once a simple picture-sharing app into a full-blown social network in its own right. After a redesign in May 2016 followed by the introduction of Stories later the same year, Instagram has surged in popularity, crushing rival Snap Inc. in the process.

Photo: Pixabay