More than four million records of users of Time Warner Cable's MyTWC app were found unsecured on an Amazon server last month. Seperately, Facebook's Instagram found a bug that exposed people's email addresses and phone numbers, which it has already fixed.
According to digital security research center Kromtech Security Center, the 600GB of data that was exposed in the Time Warner Cable's case included sensitive information such as transaction ID, user names, Mac addresses, serial numbers, account numbers. The researchers discovered the files on Aug. 24 and they were not password protected.
"A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources," Charter Communications Inc., said Time Warner Cable's parent, said .
The information was removed immediately after the discovery and the incident is being investigated, Charter said.
The breach was eventually linked to BroadSoft, a communications company, whose unit developed the MyTWC app.
In another case, Instagram said it found a bug that exposed people's email addresses and phone numbers, which it quickly fixed, according to Chief Technology Officer Mike Krieger.
No passwords were exposed, and the photo-sharing app is working with law enforcement to prevent further fallout, Krieger said in a blog post.
Celebrities are concerned that their information may have been exposed.
While Instagram first said the hack was limited to holders of verified accounts, it said today that non-verified users had been affected as well.
Hours after the hack was disclosed, hackers established a searchable database named Doxagram allowing users to search for victims' contact information for $10 per search.