Alleged attackers have hijacked Instagram accounts and modified personal information making impossible to restore the accounts.
The number of Instagram accounts that was hacked has increased since the beginning of August, all the victims were logged out of their accounts, their personal and contact information were deleted, personal email address was changed.
The attackers changed victims’ email addresses with one associated to a Russian domain (.ru).
The media outlet Mashable first reported the spike in the account takeover.
“Like half a dozen other hacking victims who spoke with Mashable, her profile photo had been changed, as had all the contact information linked to the account, which was now linked to an email with a .ru Russian domain.” reported Mashable.
“Megan and Krista’s experiences are not isolated cases. They are two of hundreds of Instagram users who have reported similar attacks since the beginning of the month.”
More than 5,000 tweets from 899 accounts were mentioning Instagram hacks in the last seven days, many users have been desperately tweeting at Instagram’s Twitter account requesting support.
Numerous reports of hacks were reported on Reddit, and Mashable reported a Google Trends search that shows a spike in searches for “Instagram hacked” on Aug. 8, and again on Aug. 11.
Instagram hacked accounts have had their profile photos changed with Disney- or Pixar-themed film images.
“A number of Instagram users have taken to social media to report a mysterious hack in which their profile photos are replaced by random stills from films.” reported the BBC.
It’s not clear how hackers have hacked the Instagram accounts, there are some cases in which owner s of the accounts explained that they were using two-factor authentication (2FA).
“The extra security measure didn’t protect Chris Woznicki, who was using two-factor authentication at the time his account was hacked 10 days ago. Woznicki says Instagram sent him security emails notifying him the email address on his account had been changed (once again, to a .ru address) and 2FA had been disabled. But by the time he saw the messages, it was too late and he had already lost access to his account, which had 660 followers. Others have reported similar occurrences. “continues Mashable.
Instagram confirmed it is aware of the problems that some users are facing, below an excerpt from an Instagram security advisory:
“We are aware that some people are having difficulty accessing their Instagram accounts. As we investigate this issue, we wanted to share the below guidance to help keep your account secure:
It isn’t the first time that Instagram faces such kind of problems, in September 2017 6 million celebrities Instagram High-Profiles data were offered for sale on DoxaGram website.
For more information, users can visit the Instagram Help Centre that includes instructions to restore a compromised account.