HYDERABAD: From being a photo-sharing social platform to a brand creation centre rivalled only to Twitter, Instagram’s popularity has grown through the years with everyone -- from celebrities to politicians -- on the platform.
However, a new hack is now kicking users out of their own account and one cannot even log back in. The issue came to light about a week ago. Suddenly, users were getting logged out of their own accounts and then their username and profile pictures were getting changed and their bios were being deleted. Even resetting the account does not work as email addresses linked with the accounts also get changed, to a Russian domain, with a random phone number.
An Instagram user on Twitter wrote, “Hey @instagram! My account was hacked this afternoon by someone in Russia. I can’t unlock my account and my email was changed to some sketchy dot RU (.RU) address. I’ve had this account for over six years and your help page is useless! Pls, help #instagramhack.”
Though most of the affected accounts are from the United States of America, the large-scale use of the social platform has many in the city worried. Swathi, an entrepreneur who runs an online boutique on Instagram said, “Many of my sales come through Instagram. If I am locked out of my own account, then my business will take a hit.”
City-based independent security researcher Srinivas Kodali said, “People should enable two-factor authentication to avert any third party accessing their social media accounts.” However, few reports claim that even that might not be enough. Many think that the recent spate of hacks on Instagram accounts maybe because of SIM card swaps -- a scam in which hackers steal one’s mobile identity after convincing users to switch their phone number over to a SIM card they own.
A Wired report said: “By diverting your incoming messages, scammers can easily complete the text-based two-factor authentication that protects your most sensitive accounts.”“One should not just use two-factor authentication via text messages. Third party apps like Google Authenticator should be used. There are even physical USB u2f keys which are much more better,” Kodali added.