The database was reportedly left exposed due to someone forgetting to add a password to it. This meant that anyone who found out where the database was stored could gain access without needing any special hacking tools or password cracking tools. The database is said to play home to over 49 million records.
However, some of this information isn’t necessarily private. This is because the information stored in the database was information that was scraped from public Instagram accounts. This includes bio, profile photos, number of followers, and so on, information that could be easily gleaned if you follow that person. At the same time, other private information such as email addresses and phone numbers were also part of the database.
The database has since been taken offline and in a statement made to TechCrunch, Instagram’s parent company Facebook said, “We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources.”