Millions of Instagram Users Hacked

Uploaded on 2017-09-13 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

A suspected cyber-criminal claims to have accessed six million Instagram accounts and says that 'Facebook/Instagram has not yet fully understood the full scope of the exploit'

A group of hackers targeting A-list celebrities' Instagram accounts may have accessed millions of users' private data, the social media site has warned.

Singer Selena Gomez appeared to be one of the stars whose accounts were compromised during a cyber-attack on the picture-sharing app last week.

Three naked photos of her ex-boyfriend, Canadian star Justin Bieber, were posted to her 125 million followers before her profile was shut down.

Following the hacking spree, Instagram said it believed "one or more" individuals had gained access to "a number of " stars phone numbers and email addresses by exploiting a bug in the app's software.

The company quickly fixed the bug, but not before hackers began advertising users' private information in exchange for crypto-currencies on the dark web.

Hackers provided a sample of the data to The Daily Beast, who confirmed that it appeared to include private information from high-profile Instagram accounts as well as ordinary users.

Instagram has issued a new statement confirming that the hack may have affected non-verified accounts.

"Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts," a spokesperson told Mashable.

The social media company said they thought a "low percentage" of their 700 million monthly active users could have been affected, potentially several million accounts.

Instagram co-founder Mike Krieger said: “We care deeply about the safety and security of the Instagram community, so we want to let you know that we recently discovered a bug on Instagram that could be used to access some people’s email address and phone number even if they were not public. No passwords or other Instagram activity was revealed.

“We quickly fixed the bug, and have been working with law enforcement on the matter. Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts.

“Out of an abundance of caution, we encourage you to be vigilant about the security of your account, and exercise caution if you observe any suspicious activity such as unrecognised incoming calls, texts, or emails.

"Additionally, we’re encouraging you to report any unusual activity through our reporting tools. You can access those tools by tapping the “…” menu from your profile, selecting 'Report a Problem' and then 'Spam or Abuse'.

“Protecting the community has been important at Instagram from day one, and we’re constantly working to make Instagram a safer place. We are very sorry this happened.”

Independent:

You Might Also Read:

Nude Celebrity Photo Hacker Jailed:

 

« US Conducts Computer War Games in Response to North Korea Missile Launch
Cyberwar: A Guide »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Biscom

Biscom

Biscom offers solutions for secure file transfer, synchronization, file translation, and mobile devices, designed to deliver mission-critical reliability, streamline workflows and reduce costs.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Cyberens

Cyberens

Cyberens provide cybersecurity consulting services in IT sectors relating to defense and space, banking, industrial control systems and IoT.

UK Cyber Security Association (UKCSA)

UK Cyber Security Association (UKCSA)

The UK Cyber Security Association (UKCSA) is a membership organisation for individuals and organisations who actively work in the cyber security industry.

Mosaic Insurance

Mosaic Insurance

Mosaic is a next-generation global specialty insurer distinguished by an exceptional team, agile technology, and a structure that combines Lloyd’s of London strength with a global distribution network

Otava

Otava

Otava is a global leader of secure, compliant hybrid cloud and IT solutions for service providers, channel partners and enterprise clients.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

Sidcon International Consulting Company

Sidcon International Consulting Company

SIDCON International Consulting Company has been providing consulting services since 2002 for private and public organizations in Ukraine and other countries.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

SignalRed

SignalRed

SignalRed provides the cutting edge next-generation penetration testing and secure development solutions to startups and large enterprises.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.

Simpson Associates

Simpson Associates

Simpson Associates is a Data Transformation and managed services provider that helps organisations gain valuable insights from their data and make better-informed decisions.

Infrassist Technologies

Infrassist Technologies

We're Infrassist - a trusted white label Managed IT & Professional Services partner for MSP businesses.

UrbanFox

UrbanFox

UrbanFox’ powerful AI provides a simple and intuitive way to reduce fraud risk, whilst isolating potential fraudsters that cost your business money.