If you haven’t updated your Instagram app, go ahead and do that now. The vulnerabilities we are about to discuss have been patched, but if you haven’t updated your app, you don’t have those patches yet. Go ahead. We’ll wait. If you are back with us, or if you’re good about updating the moment updates become available, kudos to you. While zero-day vulnerabilities get exploited, the majority of cybersecurity attacks utilize weaknesses that have already been patched.
It’s a question of priorities, like so many other things in life. Do you take the time to update, or save it for later? Do you care more about security or about likes? Do you stay up late binge-consuming content, or go to sleep? We can’t answer all of these questions for you, but let’s take a look at that Instagram situation.
The Social Media War
It’s tough to be a celebrity these days. If it was ever easier, who knows, but at the moment it is a rough game. You can’t just have a PO box for fan mail, people expect to reach out to you through Twitter. You can’t just upload nude photos to the cloud, they get hacked. People measure your success not just in the money you make or quality of your work, but also in the number of likes that you have on social media. But the “like war” is making things more difficult for more people than just celebrities.
Parents have long warned their children to upgrade their Instagram cyber security:
- Be careful what you post, because others could see it
- Don’t share your location, so you do not fall victim to crime
- Set your privacy, so you control who can follow you
- Just generally acquire social media smarts
But social media opens the door to admiration. Who doesn’t love admiration? People go so far as to buy followers, many of which are bots, just to gain more likes, re-tweets, etc. With such a social media war going on, no wonder these tools are open to cyber hack.
The Instagram Hack
The most recent attack on Instagram seems to have stemmed from a weakness in the mobile API. Unintentionally, embedded into uploaded images, was information that linked to personal data like email addresses and phone numbers. Instagram publicly confirmed the breach but also stated that no usernames and passwords were compromised.
The personal details of as many as 6 million users were subject to the cyber security hack, including celebrity accounts for people like Emma Watson, Taylor Swift, and Leonardo Di Caprio. Supposedly the hackers also launched a lookup service, where users could search a database, for a fee, to see the stolen data. The site has since been taken down, so at least that money-making scheme is gone (or on hold for the time being).
The settings on your accounts are more important than the number of shares and likes you get. Cyber security hacking doesn’t just steal your email address and subjects you to phishing scams: your personal information can compromise your personal safety if you use passwords between accounts you can subject yourself to more breaches, and your information can find itself on the cyber black market, sold to the highest bidder.
There are many people, celebrities, business owners, etc, who should utilize personal identity threat mitigation services. For everyone else, preventing attack falls on your own shoulders. So update your systems and apps when updates become available, use effective (and unique) passwords which you regularly change, and examine your privacy settings on each service you use. You don’t need to make those kinds of headlines.