The news that a social network has been hacked and spammed is hardly earth-shattering, but the fact that the victim was Instagram this time is a whole other story.
Instagram was overtaken by fruit over the weekend as spammers hacked user accounts and posted pictures of a “miracle fruit.” Not only did they post on behalf of users, they also changed the websites in user bios to redirect to a rapid weight-loss page.
Facebook gave an update to GigaOm, one of the first responders to the hack:
Earlier today a small portion of our users experienced a spam incident where unwanted photos were posted from their accounts. Our security and spam team quickly took actions to secure the accounts involved, and the posted photos are being deleted.
Despite obvious red flags, the bit.ly link that was shared unwillingly throughout Instagram received more than 30,000 clicks, the majority of which were from the United States, Unites Kingdom, and Canada.
Along with deleting the photos, Facebook set to work resetting the passwords of affected accounts and sending emails to all who were hacked. Fortunately, with something basic like this, you can easily check whether or not your account was hacked. If you don’t see any fruit on your profile, you’re in the clear.
Even if you weren’t affected by this weekend’s fruit-attack, it’s still a good idea to review your password and privacy settings. According to NBCNews, different security experts recommend password changes every 30 to 180 days. That may seem a tad unrealistic, (after all, if you can barely make it to the dentist twice a year, how can you be expected to update all of your accounts that often?) but failing to change your passwords – even after a minor hack like this – can lead to bigger problems in the future.
A 2010 study by BitDefender found that 75 percent of users have the same passwords for social networks as their email accounts. When hackers get access to one account, as trivial as that account may be, they can use it to log into the more serious websites and take your information there. Hackers probably don’t care about your spring break photos, and they only get a few benefits from posting on your behalf, but they probably care about the password to your PayPal account or other information you have saved in various email folders.
While the normal reaction to compromised accounts is usually public shaming and criticism towards the network, some news outlets are congratulating Instagram for hitting their next life milestone. Getting attacked by spammers is the main sign that a social network has grown up.
Instagram was bought by Facebook a little over a year ago and has greatly helped their plan to take over the world. As Instagram establishes itself with a steadily growing fan base and incorporation of video, it only makes sense that spammers would set their sights on this maturing social network. We’re sorry the attack happened Instagram, but they’re called growing pains for a reason. Mazel tov!