Thousands of Instagram Users Hacked,and their Usernames and Passwords compromised.
Instagram accounts compromised through third party service company Social Captain.
Social captain helps the user to grow their Instagram followers counts.
If you are using Social Captain service, then you need to change your Instagram account password immediately.
The Social Captain was vulnerable and allowed access to any user’s profile without authorization to access their Instagram login account that leaked thousands of Instagram usernames and passwords.
According to Techcrunch report,
Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain sight, so long as they had connected their account to the platform. Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext.
“A security researcher, who asked not to be named, alerted TechCrunch to the vulnerability and provided a spreadsheet of about 10,000 scraped user accounts,” said the report.
“Early analysis indicates that the issue was introduced during the past weeks when the endpoint, meant to facilitate integration with a third-party email service, has been temporarily made accessible without token-based authentication,” said Anthony Rogers, chief executive at Social Captain.
“As soon as we finalize the internal investigation we will be alerting users that could have been affected in the event of a breach and prompt them to update the associated username and password combinations,” he said.
Later Social Captain said that, we have fixed the vulnerability by preventing direct access to other users profiles.
How Instagram Users Gets Hacked Through Social Captain?
Once you create the account in Social Captain, then users were asked to enter their Instagram username and password, but they stored their password in plaintext.
Instagram officials said, “We are investigating and will take appropriate action. We strongly encourage people to never give their passwords to someone they don’t know or trust.”
It is not the first time that Instagram Users get Hacked.
How To Protect Your Instagram Account?
- Change your password regularly.
- Turn on two-factor authentication for additional account security.
- Do not click any unknown link.
- Always do use a combination of at least six numbers, letters, and punctuation marks for a unique and secure password.
- Do not use any third-party App or Service or think before you authorize any third-party app.