Thousands of Instagram users have reported that their accounts have been hacked. Affected users have seen their profile photos and contact information changed and linked to a .ru email account.
As reported by Mashable, hundreds of users reported similar attacks since the beginning of the month. On Twitter, there has been more than 100 reports in the last 24 hours alone. Data from analytics platform Talkwalker revealed that more than 5,000 tweets from nearly 900 accounts mentioned Instagram hacks in the last seven days. Many have turned to Instagram’s Twitter account for help.
The worrying thing is that some victims were already using two-factor authentication (2FA) as an additional security measure at the time of getting hacked. One user received security emails from Instagram to notify him that the email account tied to his Instagram account had been changed to a .ru address, and 2FA had been disabled.
It is unclear how hackers are getting access to these accounts.
Let’s look at a few common characteristics of hacked Instagram accounts.
Firstly, hacked accounts would have a changed handle and profile avatar (often an animated character from a Disney or Pixar film, how cute). User bios are usually deleted, and a new .ru email address is linked to the account. In most cases, Instagram users did not have 2FA enabled however as mentioned, some accounts were still hacked with 2FA turned on.
Hackers don’t appear to be posting any new photos Hackers don’t appear to be removing any content from users’ accounts, but are posting images of scantily clad women. A friend of mine has fallen victim to hackers and it took several days with Instagram support before he got his account back. Needless to say, he vehemently recommends everyone to enable 2FA on their accounts.
It’s still up in the air what the hackers really want. A silly prank or is it part of something bigger?
Instagram in a blog post, has acknowledged that some users are having difficulty accessing their accounts. The company is currently investigating the issue, and has offered some guidance to keep user accounts secure:
- If you received an email from us notifying you of a change in your email address, and you did not initiate this change – please click the link marked ‘revert this change’ in the email, and then change your password.
- We advise you pick a strong password. Use a combination of at least six numbers, letters and punctuation marks (like ! and &). It should be different from other passwords you use elsewhere on the internet.
- You can also use the steps outlined on this page to restore your account. Please use a new, secure email address to restore your account.
- Finally, revoke access to any suspicious third-party apps and turn on two-factor authentication for additional security. Our current two-factor authentication allows people to secure their account via text, and we’re working on additional two-factor functionality with more to share soon.
Are you experiencing trouble accessing your Instagram account? Have you been hacked? Let us know in the comment box below.