Instagram’s parent company Facebook has confirmed that a newly discovered security vulnerability may have put data at risk, leaving users open to attack by threat actors. A security researcher ran tests on the platform and he successfully retrieved “secure” user data. This data included users’ real names, Instagram account numbers and handles, and full phone numbers. The linking of this data is all an attacker would need to target those users. Facebook has since made changes to Instagram to protect its users.