Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - News & Analysis - Instagram Hacked, Celebrity Contact Details Revealed
News & Analysis

Instagram Hacked, Celebrity Contact Details Revealed

ISBuzz TeamBy ISBuzz TeamSeptember 4, 20174 Mins Read
Share LinkedIn Twitter Facebook Copy Link Email
Instagram Rolls out two-factor Authentication
Share
Facebook Twitter LinkedIn Email Copy Link
Quick AI Summary
ChatGPTClaudeGeminiGrokPerplexityDeepSeekCopilot

It has been reported that Instagram has revealed a flaw in its systems revealed “a number of” stars’ phone numbers and email addresses to cyber-attackers.The Facebook-owned social network has emailed verified members, usually prominent figures, to let them know. It said it believed “one or more” attackers had targeted high-profile stars to get their contact information. Instagram said passwords had not been stolen but warned users to watch for suspicious activity on their accounts. IT security experts are commented below.

Mark James, Security Specialist at ESET:

“There is one thing that anyone in the IT business will tell you- is if you use, create, own or develop software then one thing is certain…software is not 100% secure! There is always the possibility that someone, somewhere could find a vulnerability or exploit that may enable an attacker to gain control or get access to information they should not normally be able to.

We all expect the big players to invest millions in securing their applications, and they rightly do, but when stories like this emerge it just goes to highlight that exploits could affect anyone. This particular flaw has enabled a potential hacker to obtain phone numbers and email addresses through a bug in its software; this info could enable further scams or phishing attacks to be more successful. This could simply be down to rogue messages asking you to verify further details sent to either of these methods, trying to trick you into thinking your accounts are at risk ( which they are ).

Of course you are powerless to protect yourself from these types of issues but you can protect your accounts from the consequences of such attacks. One of the best methods is without a doubt two-factor authentication. This sets up an additional level of security that will alert you if someone tries to log into your account without your knowledge and is usually extremely easy to configure and set up. Of course the usual advice of secure unique passwords will help to keep you safe but it won’t help you if your password is compromised, whereas two-factor authentication will.

Instagram have stated the flaw occurred “by exploiting a bug in an Instagram API” but they have now fixed the problem. Always be wary of anyone asking for your account details through text or emails; if in doubt delete or ignore them and change your password immediately- and go configure two-factor authentication immediately.”

Lee Munson, Security Researcher at Comparitech.com:
“High-profile Instagram users can breathe a small sigh of relief after the Facebook-owned social network yesterday revealed that no passwords had been swiped in the recent breach of the photo-sharing site.

They’ll need to catch their breath quickly though as other sensitive information has fallen into the hands of those responsible for the hack.

With telephone numbers and email addresses out in the wild, superstars and Z-list celebrities alike will need to be on their guard in the coming weeks as the attackers may just use those contact details for other nefarious purposes.

Not only that, Instagram is also warning against suspicious activity on accounts which seems strange, given the bug has been fixed and passwords left untouched.

To be on the safe side, rich and famous Instagram users should probably change their login credentials anyway, remembering to make their passwords complex and unique to each online account they have.

If their busy lives make remembering all those passwords too much of a challenge, a password manager would be the obvious answer.”

Dean Ferrando, Systems Engineering Manager (EMEA) at Tripwire:

“The more individuals allow access to their data through social media, like Instagram, the more avenues there are for attackers to try. It’s good to remember that social media sites view people merely as a source of income. They are only concerned with the security of your data to the extent that the law requires. This is why it is critical for users to take responsibility of their own security. Password reuse and enabling two-factor authentication should be mandatory for every user of social media and can help reduce the risk of attack.”

ISBuzz Team
  • ISBuzz Team
    Air Canada Data Breach: BianLian Extortion Group Claims A Massive Heist Contrary To Airline’s Earlier Statement
  • ISBuzz Team
    Unprecedented DDoS Attack Rocks The Web: Tech Giants Reveal A Digital Tsunami
  • ISBuzz Team
    CISA Flags High-Severity Adobe Acrobat Reader Flaw Amid Active Exploits
  • ISBuzz Team
    Curl Security Alert: Patching A Critical Bug Averting Potential Cyber Catastrophe

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Share. Facebook Twitter LinkedIn Email Copy Link

Related Posts

New Phishing Kit Starkiller Defeats Multi-Factor Authentication

February 23, 20264 Mins Read

ReliaQuest Uncovers Social Media Phishing Campaign Built on Trusted Tools

January 22, 20266 Mins Read

What Happens after a Phishing Email Lands in Your Inbox?

January 5, 20266 Mins Read
ISB-Bora-Side-Bar

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}