By Hayden Wright
Hackers who posted nude photos of Justin Bieber to Selena Gomez’s Instagram account exploited a bug in the social network’s API, Instagram said in a statement.
The company’s spokesperson gave a statement to TIME, explaining that the vulnerability allowed hackers to obtain private information about Selena’s account—as well as accounts from other “high-profile” users.
“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,” a spokesperson for Instagram said.
Selena’s 125 million followers were shocked when nude pictures of her ex, Bieber, appeared on her profile Monday, alongside profane captions. Instagram temporarily suspended her account, which was later re-opened without the scandalous posts.
Instagram’s representative said users should report any suspicious account activity to prevent fraud.
“As always, we encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails,” the spokesperson said.