Unfortunately, I am not stranger to having my Instagram “hacked.” Every once in a while I’ll wake up in the morning to emails from Instagram from the wee hours of the morning saying I requested a new password or couldn’t access my account. Fortunately, these issues are typically easy to correct, with a simple click of a link saying “This wasn’t me” or a similar message, I can regain access to my account with a quick password change.
However, last Wednesday was a bit different. Every morning, I’m guilty of immediately grabbing my phone as soon as my alarm goes off to check my messages, email and social accounts. On this particular day when I clicked on Instagram, I had been logged out of my account and entering my password led to error messages. Highly confused and with tired eyes from just waking up, I furiously rushed to my email but was surprised to find none of the usual Instagram password reset emails that typically accompany this kind of “hacking.” A little more digging around led me to discover that not only had my password been changed, but my email, username, name, profile picture and privacy settings had been changed to Russian info. Oddly enough though not a single one of my posts or Instagram activity had been deleted, for which I was extremely thankful.
As I previously shared, the account recovery process is usually pretty simple and involves just a password change. This time however, since the account appeared to be compromised in a different manner and so much of my info had been changed, I initially couldn’t figure out how on earth I would regain access. After reading through some blogs I finally discovered how to attempt to regain control, however, the process had no guarantees of success. I soon received an email with a code and instructions for how to respond in hopes of recovering my account. I had to send in a selfie holding up a sheet of paper with my name, a provided code, username and email in order to prove that I was the owner of the account. However, this was slightly more complex since all of the names associated with the account were no longer mine. Nonetheless, I was successful and received an email within 8 hours that I had successfully recovered my account and all that was left was to change all of my names and passwords back.
There were a few odd things about this whole process that stood out to me. First, I am curious why it seems so easy for people to hack others’ accounts so frequently. Although Instagram has introduced a “2FAC” authentication process that I was guilty of not using before, it seems as though there could be even more protection systems in place for users. Additionally, the recovery emails that I received from Instagram almost seemed “sketchy” themselves and somewhat outdated for such a modern tech company. One would think there would be a simpler, more automated process for victims of account hacking. I hope that I won’t have to go through this process again in the near future, but the attacks aren’t just limited to Instagram. This morning, I woke up to an email saying a Windows computer (I have a mac) had attempted to log into my Facebook at some absurd hour of the morning. Fortunately this time I was able to stop it before any damage was done.