Saugat Pokharel, Security Researcher from Nepal Awarded $6000 for Bug Bounty on Instagram


Instagram is a globally competitive and leading social network with more than a billion users around the world. It is a brilliant platform to connect with family, friends, and the world as a whole. Apart from it, you can create your profile and keep your activities up-to-date, you can search for things of your interest, learn some new stuff, and for companies, Instagram can be a perfect platform to advertise about their services in front of a large mass. From day to day lives of ordinary people to the execution of online companies or companies with their services available online, Instagram keeps a record of everyone and everything visible to it.

Was Instagram keeping the deleted Photos and Messages?

Chatting, Uploading, and sharing photos are primary things to do while using Instagram. Most of us love sharing our things and discovering others as well whether it is from direct messaging or some other means. Sometimes you have a direct message with someone and lastly, you end up deleting those messages. But did you notice that lately, Instagram had been displaying some of the deleted photos and messages? Recently there was a server malfunctioning or bug on Instagram and many might have noticed it but the first one to report it was a security researcher, Saugat Pokharel.

Instagram Bug Bounty: Saugat Pokharel, Security Researcher from Nepal Awarded $6000

Instagram Bug Bounty

Saugat Pokharel, an independent security researcher found that when he downloaded his data from Instagram, there were some private direct messages and photos attached to it which he confidently says to have deleted a year ago. In normal cases, companies can keep recently deleted data for sometimes and afterward remove it permanently from its system and server. But in the case of Pokharel, he claims that the data he retrieved from the Instagram server was a year old. So, this indicated a bug in the server of Instagram and Pokharel reported about this bug in October 2019 via Instagram bug bounty program.

Also Read: Quantum Hack All Set to Bring International Online Hackathon, Open Art Competition Pre-event

He reported this bug to TechCrunch saying that Instagram didn’t delete his data even when he deleted them from his end and TechCrunch informed it to the authorized company of Instagram. As a response to the information, a spokesperson from Instagram told TechCrunch that because of the bug, deleted images and messages of people were included in a copy of their information when they used Download Your Information tool on Instagram. That was the reason behind the re-appearance of deleted data in their information and they said to have fixed the issue. Lastly, they expressed their thankfulness towards Saugat Pokharel for reporting the issue on time. For reporting this issue, Saugat Pokharel was provided a $6,000 bug bounty payout as a reward.

Finding out and reporting the bug in the Instagram server was a praiseworthy thing done by Pokharel. It enabled the company to fix this issue at the right time and it would have been worse if the issue was identified later when many people would have started complaining about it. As nothing is made perfect, network companies keep on discovering and fixing such issues and this time, it was the turn of Instagram.


About Author

Leave A Reply