Millions of Instagram Users Hacked

Uploaded on 2017-09-13 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

A suspected cyber-criminal claims to have accessed six million Instagram accounts and says that 'Facebook/Instagram has not yet fully understood the full scope of the exploit'

A group of hackers targeting A-list celebrities' Instagram accounts may have accessed millions of users' private data, the social media site has warned.

Singer Selena Gomez appeared to be one of the stars whose accounts were compromised during a cyber-attack on the picture-sharing app last week.

Three naked photos of her ex-boyfriend, Canadian star Justin Bieber, were posted to her 125 million followers before her profile was shut down.

Following the hacking spree, Instagram said it believed "one or more" individuals had gained access to "a number of " stars phone numbers and email addresses by exploiting a bug in the app's software.

The company quickly fixed the bug, but not before hackers began advertising users' private information in exchange for crypto-currencies on the dark web.

Hackers provided a sample of the data to The Daily Beast, who confirmed that it appeared to include private information from high-profile Instagram accounts as well as ordinary users.

Instagram has issued a new statement confirming that the hack may have affected non-verified accounts.

"Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts," a spokesperson told Mashable.

The social media company said they thought a "low percentage" of their 700 million monthly active users could have been affected, potentially several million accounts.

Instagram co-founder Mike Krieger said: “We care deeply about the safety and security of the Instagram community, so we want to let you know that we recently discovered a bug on Instagram that could be used to access some people’s email address and phone number even if they were not public. No passwords or other Instagram activity was revealed.

“We quickly fixed the bug, and have been working with law enforcement on the matter. Although we cannot determine which specific accounts may have been impacted, we believe it was a low percentage of Instagram accounts.

“Out of an abundance of caution, we encourage you to be vigilant about the security of your account, and exercise caution if you observe any suspicious activity such as unrecognised incoming calls, texts, or emails.

"Additionally, we’re encouraging you to report any unusual activity through our reporting tools. You can access those tools by tapping the “…” menu from your profile, selecting 'Report a Problem' and then 'Spam or Abuse'.

“Protecting the community has been important at Instagram from day one, and we’re constantly working to make Instagram a safer place. We are very sorry this happened.”

Independent:

You Might Also Read:

Nude Celebrity Photo Hacker Jailed:

 

« US Conducts Computer War Games in Response to North Korea Missile Launch
Cyberwar: A Guide »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IP Performance

IP Performance

IP Performance Limited is a leading supplier of customised network infrastructure and security solutions.

Firebrand

Firebrand

Firebrand is the leader in Accelerated Learning in the field of IT and project management.

Packet Ninjas

Packet Ninjas

Packet Ninjas is a niche cyber security agency with specialized expertise in the use of digital intelligence to strengthen cyber security.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

Untangle

Untangle

Untangle provides network security products designed specifically for the below-enterprise market, safeguarding businesses, home offices, nonprofits, schools and governmental organizations.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

Cyvatar

Cyvatar

Cyvatar is a technology-enabled cyber security as a service (CSaaS) provider delivering smarter managed security to help you achieve compliance and security faster and more efficiently.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

BDO Global

BDO Global

BDO is an international network of public accounting, tax and advisory firms which perform professional services under the name of BDO.

BriskInfosec Technology & Consulting

BriskInfosec Technology & Consulting

BriskInfosec provides information security services, products and compliance solutions to our customers.

Normalyze

Normalyze

Normalyze are solving some of the most painful problems enterprise IT security teams face in the cloud and data security space. We help enterprises protect all the data they run in the cloud.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Cybermindz

Cybermindz

Many cyber security professionals are under sustained and increasing stress. We set about providing direct support to restore and rebuild emotional and cognitive health.