Save up to $1,100 on Galaxy S24 Ultra!
Amazon Black Friday is here
The Amazon Black Friday deals are here early, enjoy the best discounts of the year now.
00 days
00 hrs
00 mins

Instagram breach results in up to 6 million users' phones and email adresses being sold for 10 bucks a pop

By
24comments
Google News Follow
Follow us on Google News
iOS Android Apps
Instagram breach results in up to 6 million users' phones and email adresses being sold for 10 bucks a pop

If you've been on the internet in the past, say, five years or so, you've undoubtedly at some point been the target of a request to enable two-factor authentication for some online service. And while giving away your phone number to a random corporation doesn't sound like the best idea ever, this is one of the best ways to protect your accounts against unauthorized third parties.

But it seems that even a huge tech giant like Facebook has a bit of a trouble with not just giving away users' private info — a report from Variety has just highlighted how hackers have been exploiting Instagram's password recovery to steal and sell off users' private information, including email addresses and — if they had 2FA enabled — their phone numbers.

But while high-profile hacks are a dime a dozen these days, what's staggering here is how easily the information was obtained: in essence, sending a password reset request from an old version of the Instagram app resulted in a response containing an account's private data (sans password, thankfully).

Instagram claims to have already patched the bug, and has also notified all holders of verified accounts (celebrities were initially thought to be the primary target of the attack). Not that this would be of any help against a leaked phone number, of course.

However, the number of affected accounts seems to be quite a bit larger than initially claimed: Ars Technica reports that they were contacted by the owner of a website selling access to a searchable database of 6 million breached Instagram accounts. To prove that, they sent a "sample" containing 10,000 accounts, which Ars claims to be legitimate. The kicker? The website is publicly available, and can be accessed for $10 per search.

The latest official Instagram user count says there are about 700 million registered accounts, so the chances of your account being a part of this alleged 6 million figure are about 0.56%. So this is a pretty tiny hack when compared with 2013's Adobe breach (150 million accounts), or the two Yahoo hacks from last year (1.5 billion). Regardless, it's advisable to check up on Have I been pwned? every once in a while just to be on the safe side.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile introduces welcome change for iPhone users
T-Mobile introduces welcome change for iPhone users
Time has come to say goodbye to T-Mobile app after 12 years
Time has come to say goodbye to T-Mobile app after 12 years
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
People are hearing voices coming from their iPhone
People are hearing voices coming from their iPhone
This better not be happening: YouTube Premium users are seeing ads
This better not be happening: YouTube Premium users are seeing ads
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to

Latest News

Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
Apple releases iPhone and iPad security updates you should install ASAP
Apple releases iPhone and iPad security updates you should install ASAP
FCC OKs Cingular\'s purchase of AT&T Wireless