Now it is official, Instagram has suffered a violent data breach and, reportedly, an unknown hacker has stolen personal data from more than 6 million Instagram accounts and are up for sale on doxagram.
Yesterday we reported that Instagram had patched a critical API vulnerability that allowed the attacker to access phone numbers and email addresses for high-profile verified accounts.
However, Instagram hack now seems to be more serious than initially reported.
Not just a few thousand high profile users – there are over 6 million Instagram users, including politicians, sports stars, and media companies that have had their Instagram profile information, including email addresses and numbers phones available for sale on a website, called Doxagram.
Instagram’s hacker suspect launched Doxagram, an Instagram search service, where anyone can search stolen information for only $ 10 on behalf.
A security researcher at Kaspersky Labs, who also found the same vulnerability and reported to Instagram, told The Hacker News that the problem was in the Instagram mobile application, in particular, the password reset option, which apparently it shows numbers of email addresses and email addresses of users in the JSON response, but not passwords.
Instagram has not yet confirmed the hacker’s claims, but the company said on Friday it is investigating the violation of the data.
Also Read: 10 Most Successful Entrepreneurs Of All Time
The news comes three days after an unknown hacker kidnapped more often than it does on Instagram belonged to Selena Gomez – with more than 125 million followers – and published nude naked bare front photos of Justin Bieber.
However, Instagram did not confirm whether the recent data breach was related to Selena’s hacked account.
The company had already notified all of its verified users of the problem by e-mail and also encouraged them to be cautious if they receive suspicious or unrecognized calls, text messages or emails.
With email addresses and phone numbers in hand, the next step of the hacker could be used to steal tandem information with social engineering techniques to access the verified Instagram accounts and post them in their behalves for the purpose of embarking on them.
Instagram users are also strongly recommended to enable two-factor authentication in their accounts and always protect them with a robust and different password.
Also, avoid clicking suspicious links and attachments received in an email and providing your personal or financial information without properly verifying the source.