Instagram hack sees accounts replaced with film stills
- Published
A number of Instagram users have taken to social media to report a mysterious hack in which their profile photos are replaced by random stills from films.
Their account names have also been changed and they are unable to log in.
Their registered email addresses have also been altered to accounts originating from the Russian email provider mail.ru.
Instagram said it tries to provide a safe and secure experience for its community.
"When we become aware of an account that has been compromised, we shut off access to the account and the people who've been affected are put through a remediation process so they can reset their password and take other necessary steps to secure their accounts," said a spokeswoman.
Instagram has security tips, external and advice about hacked accounts, external on its website.
It has also published a blog saying it continues to investigate the issue, external.
The hackers have so far made no demands and the affected accounts appear otherwise untouched.
There are tweets describing the hack dating back to July.
Allow Twitter content?
This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.
Allow Twitter content?
This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.
Allow Twitter content?
This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.
Mashable reports, external that there have been 899 Twitter accounts reporting the same experience in the past seven days.
There are suggestions that the attack is originating from Russia, because of the mail.ru email address but it is easy to register for an account with the service in many countries - the .ru suffix remains regardless of the geographical location of the owner.
Some reports suggest that at least one of the hacked accounts may have had the extra security measure two-factor authentication (2FA) enabled, although this is currently unconfirmed.
With 2FA a code is texted to the account holder's phone before they can complete the log-in process.
It is an opt-in service.
Security experts advise that 2FA should be activated wherever possible.
- Published20 June 2018
- Published6 September 2017