Instagram Data Breach: Want to give a call to your favourite pop star or send an email to your favourite footballer? You can get their contact details for as low as $10. On Wednesday this week, Facebook owned Instagram confessed that some hackers were able to exploit a bug in their API and obtain emails and phone number of some ‘high-profile’ accounts. Guess what, it’s for sale now!
This seems to be the same bug that led to the compromise of Selena Gomez’s account which was used to post nudes of her ex-boyfriend and pop star Justin Bieber. A hacker group by the name – ‘Doxgram’, has claimed responsibility for the hack and now it is offering details from the stolen accounts for mere $10 per lookup in the underground internet.
The claim extends to have details of POTUS, Jennifer Lopez, Taylor Swift & Cristiano Ronaldo among 6 Million other accounts that are being offered for sale. Doxgram group has been spotted on a Bitcoin forum advertising about its database.
The leak further includes Emails and Phone Nos of other normal users too which were affected by the bug in the photo sharing social network. The hackers shared a list of 1,000 hacked accounts, which contain the details of the top 50 most-followed profiles on the Instagram. A sample of data shared by the hackers contains email addresses, phone numbers of famous politicians, sports stars and media companies.
Instagram co-founder Mike Krieger in a blog post said that the company has fixed a “bug” that “could be used to access some people’s email address and phone number even if they are not public”. According to the blog, the social media platform is not able to determine the accounts affected but believes that “it was a low percentage of Instagram accounts”.
The company also asked users to follow steps to protect their information on the platform and said that it is “working with law enforcement on that matter”. Recently, private pictures of singer Justin Bieber were leaked from the Instagram account belonging to ex-girlfriend Selena Gomez. Her Instagram account was taken down soon after the leak.
“As expected, it’s not only the celebs whose data has been compromised, it’s the gen-pop too. It’s highly probable that after this per-request-sale, hackers will try to sell the entire data dump altogether. Once leaked, the data can easily be used by other hackers for phishing & smishing campaigns at mass,” said Ankush Johar, Director at HumanFirewall.io.
“Your Email and your Phone number, both can be used to reset & hijack your account. It’s extremely important now to make sure that these are safe. Avoid opening emails from untrusted sources and pay close attention to what permissions you are allowing an application on your smartphone. Use multi-factor authentication to add an extra layer of security to your account. Stay cautious, Stay safe,” he added.