Connect with us

Hi, what are you looking for?

Tech & Science

Millions of Instagram, TikTok and YouTube profiles exposed (Includes interview)

The analysis of the data leak reveals that the user identifiable data was spread across several datasets, according to The Independent. Of these pockets of data, the most significant were two sets coming in at just under 100 million each. These datasets contained user profile records apparently scraped from Instagram. Following these, the third-largest was a dataset was composed of some 42 million TikTok users. Another large dataset of concern was one containing just under 4 million YouTube user profiles.

As yet, there is no confirmed source for this leaked data. However, cybersecurity researchers have suggest that the evidence pointed to a company called Deep Social. This organization was banned by both Facebook and Instagram in 2018 after being found to be scraping user profile data.

Looking into the matter for Digital Journal is Chris DeRamus, who is the VP of Technology, Cloud Security Practice, Rapid7.

DeRamus begins by contextualizing the scale of the issue, noting: “TikTok, Instagram, and YouTube are three of the most popular social media sites servicing around 3.8 billion users total.” This means that these providers are entrusted with a massive trove of user data.

DeRamus continues, by considering where the data is being held: “While most of the user data in this leak was publicly available on user profiles, the risk of phishing is amplified due to the large accumulation of user data collected in the exposed databases. 235 million social media users are at risk of their information being sold on the dark web because of unsecured databases, one of the most common yet easily preventable security risks.”

For DeRamus this matter underscores the importance of social media providers investing in automated cloud security solutions. This is because, as the analyst notes: “Many breaches are a result of misconfigurations of cloud services that are exploited by an attacker. Companies must employ security tools that are capable of detecting and remediating misconfigurations (such as databases left unsecured without a password) in real time, or better yet – preventing them from ever happening in the first place.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


For nearly 90 years, anyone in France needing to know what time it is down-to-the-second could ring up the Paris Observatory.


Russia's invasion of Ukraine has exacerbated concerns about oil supplies, sending prices to record highs this year.


Salmonella bacteria have been discovered in the world's biggest chocolate plant, run by Swiss giant Barry Callebaut in the Belgian town of Wieze.


The Czech Republic will take over the rotating six-month presidency of the European Union on Friday with all eyes on Ukraine.