OVERLAND PARK, Kan. — Hundreds of Instagram users, including a woman from Overland Park, have reported their accounts being stolen by hackers linked to Russian email accounts.
Michelle DeGrandi said she first noticed suspicious activity on her Instagram about three weeks ago.
“I noticed that... I was following different people. I thought I don’t even know these people,” she explained. “One time, when I’m trying to get on Instagram, it said you can’t get into your account.”
After looking into the matter and making changes to her account, the issue got even worse for DeGrandi.
“It would pop on the screen, ‘The link for the new password has been sent to…’, and it was an email address I didn’t recognize,” she said. “It ended in .ru, which I’ve since learned is a Russian email address.”
Weeks after experiencing the hack, DeGrandi remains locked out of her account.
The hacker responsible for stealing it has also switched the name on her Instagram and changed her profile picture to an unknown person.
She told 41 Action News that Instagram has offered little help for fixing the situation, and setting up a new account led to a similar result.
On Friday, DeGrandi showed an Instagram email alert that had a different handle than the one she signed up with for a second account and showed someone else trying to log-in.
After experiencing the hacks, she said she was very cautious to go back on Instagram.
“I don’t feel safe on Instagram right now, so I haven’t been using it since all this happened,” she said. “It’s very shocking. I don’t understand it at all. I don’t know why they would want an Instagram account.”
In a statement, Instagram said it was aware of the issue. The statement reads:
We are aware that some people are having difficulty accessing their Instagram accounts. As we investigate this issue, we wanted to share the below guidance to help keep your account secure:
If you received an email from us notifying you of a change in your email address, and you did not initiate this change – please click the link marked ‘revert this change’ in the email, and then change your password.
We advise you pick a strong password. Use a combination of at least six numbers, letters and punctuation marks (like ! and &). It should be different from other passwords you use elsewhere on the internet.
You can also use the steps outlined on this page to restore your account. Please use a new, secure email address to restore your account.
Finally, revoke access to any suspicious third-party apps and turn on two-factor authentication for additional security. Our current two-factor authentication allows people to secure their account via text, and we’re working on additional two-factor functionality with more to share soon.