A 21-year-old Nepali youth discovered Instagram's 'bug' and won a $ 6,000 prize
Cyber security researcher Saugat Pokharel has discovered a bug (security vulnerability) on Instagram. The 21-year-old discovered on Instagram that the user's deleted photo and direct message had long been on the company's server.
According to Europe's new data policy, in 2018, Instagram provided users with the facility to download their data. Taking advantage of the facility, Saugat downloaded his data. The downloaded data also included a photo he had deleted a year earlier and a direct message.
According to Instagram's policy, if a user deletes a photo or direct message, the deleted message and photo must be removed within 90 days. This means that the company's servers do not have such data.
However, in the data downloaded by Saugat, a photo older than 90 days is still on the server and that photo was also downloaded.
"The data that I deleted a long time ago has not been deleted by Instagram from its servers," he told TechCrunch. The bug was fixed last month. '
"Investigators have long reported that even deleted data stays on the server and that the information is downloaded when the data is downloaded," an Instagram spokesperson said. "The problem has now been resolved." There is no misuse of such data. '
Following the discovery of the bug, Instagram offered a reward of 6,000 US dollars, or 720,000 Nepali rupees.