A group of hackers dubbed ‘Doxagram’ claims to have scraped the personal data – including phone numbers and email addresses – of six million Instagram users and is selling the contact information.
The six million account details being offered range from high-profile accounts including the official POTUS account to large brands and average users.
They are being sold on the dark web for $10 per inquiry in Bitcoin via a searchable database.
UK cybersecurity company RepKnight accessed the full database and identified 500 A-list celebrities who have been exposed from the hack. Taylor Swift, Kim Kardashian and her sisters Khloe and Kourtney are all on the database
On Monday, Selena Gomez’s account was seized and several full-frontal naked photos of ex-boyfriend Justin Bieber were posted shortly after, which was believed to be the first instance of the attack using a bug in Instagram’s API the firm has now fixed.
After reporting on the breach in which a bug in Instagram’s system was exploited, Ars Technica received an email from someone claiming to have collected the data and be offering it for sale.
For only $10, anyone can purchase private information of celebrity Instagram users, including the email of Cara Delevingne
The person provided a 10,000-entry sample of the database said to be filled with the data of six million unsuspecting users.
While Instagram has not confirmed the sender’s claims, an analysis by Ars Technica and the security researcher Troy Hunt, maintainer of the Have I been Pwnd? breach notification service, ‘all but concludes it’s legitimate.’
Justin Beiber was targeted in the hack of Selena Gomez’s account on Monday, and now his own email address has been leaked as well
DailyMail.com has discovered a Bitcoin forum where a user with the name ‘Doxagram’ advertised the database. In the post, the user touts, ‘We offer the only Instagram lookup service on the market, we can pull information on ANY Instagram account for you instantly!’
In the sample of 10,000 records, 9,911 of them include either a phone number, email address, or both.
5,341 include a phone number, and 4,341 include a phone number.
A cross-check showed the users in the database correspond to real Instagram users, and in the case where phone numbers were listed and the accounts listed locations, the area codes added up.
The Daily Beast was also sent a sample of 1,000 accounts, which it reports consisted of many with millions of followers including politicians, sports stars, and media companies, as well as ordinary people.
‘Instagram clearly hasn’t yet understood the full impact of this bug,’ one of the people behind the site, dubbed ‘Doxagram,’ told The Daily Beast.
One account was allegedly for the official President of the United States’ Instagram account.
The listed email address – which appears to belong to Dan Scavino – the White House director of social media and assistant to the president, was linked to an Instagram account.
RepKnight also discovered musicians including Drake Harry Styles, Ellie Goulding, Victoria Beckham, Lady Gaga and Rihanna, Taylor Swift, Katy Perry, Adele, Snoop Dogg, and Britney Spears
While the phone for the number listed in the database for that account rang when The Daily Beast called, no one returned the call – additionally, an email sent failed to deliver.
National Geographic, Jennifer Lopez, soccer star Cristiano Ronaldo, and many of the top 50 most popular accounts on the app are included in the database, according The Daily Beast’s test.
The publication also found the sample it was provided to be legitimate.
It tried to create new Instagram accounts with a random selection of email addresses from the database but found every one of them already belonged to an existing account.
Both Kendal Jenner and Kyle Jenner as well as Beyoncé are on the database. The emails and phone numbers associated with all three of their accounts are listed
The listing for Kendall Jenner’s phone number and email on the database
They also tested to see if the emails could have been scrapped from somewhere else on the internet – they determined the addresses were not publicly available and had to have been obtained from a private source.
The Daily Beast also confirmed these email addresses have not already been leaked in other large-scale hacks, which means these hackers couldn’t have simply collected them from other publicized breaches.
The hackers claim they initially wanted to target users with over one million followers and then opened it up from there.
Both Gigi Hadid’s phone number and email address are listen on the database and available for only $10
Miley Cyrus’ email address is available for purchase as well
When The Daily Beast asked if they are concerned how the data will be used, the hackers responded, ‘not really.’
UK cybersecurity company RepKnight accessed the full database and identified 500 A-list celebrities who have been exposed from the hack.
Actors on their list includes Emma Watson, Emilia Clarke, Zac Efron, Leonardo Di Caprio and Channing Tatum.
They also discovered musicians including Harry Styles, Ellie Goulding, Victoria Beckham, Beyoncé, Lady Gaga and Rihanna, Taylor Swift, Katy Perry, Adele, Snoop Dogg, and Britney Spears.
Sports stars they found include Floyd Mayweather, Zlatan Ibrahimović, Paul Pogba and Zinedine Zidane, Neymar, David Beckham, Ronaldinho, Sachin Tendulkar and Virat Kohli.
A cross-check showed the users in the database correspond to real Instagram users, and in the case where phone numbers were listed and the accounts listed locations, the area codes added up
DailyMail.com has also accessed a Bitcoin forum where a user with the name ‘Doxagram’ – the same pseudonym given to The Daily Beast – advertised the database.
In the post, ‘Doxagram’ – who is labeled a ‘newbie’ on the site – touts, ‘We offer the only Instagram lookup service on the market, we can pull information on ANY Instagram account for you instantly!’
The user adds: ‘You can get celebrities private information that no one else can get with our service guaranteed!’
The post is signed ‘DoxAGram team,’ which makes it seem that there is more than one hacker involved.
The post advertised $10 per lookup to be paid in Bitcoin, which matches what the hackers told both Ars Technica and The Daily Beast.
Actors on the database includes Emma Watson, Emilia Clarke, Zac Efron, Leonardo Di Caprio, Kevin Hart, and Channing Tatum.
Sports stars they found include Cristiano Ronaldo, Floyd Mayweather, Zlatan Ibrahimović, Paul Pogba and Zinedine Zidane, Neymar, David Beckham, Ronaldinho, Sachin Tendulkar and Virat Kohli
The user also provided a link to the database, which is on the dark web and can be accessed using a Tor browser.
In a comment further down, Doxagram writes, ‘Our domain has been suspended by Facebook. We will setup tor service and new domains shortly… Sorry for the inconvenience.’
When another user asks what kind of info can be obtained, Doxagram responds, ‘Dear, we can pull phone + name + email. (We have millions of fresh records…). We are on many news stories now.’
He also posted a new domain but adds it is still experiencing some issues.
The post appears to gave been read over 1,000 times.
Deepanker Verma of TechnloMEDIA writes he also discovered the post and used Tor to access the database.
‘I tried searching for several accounts, but it was actually pulling information from ANY Instagram account as it claimed,’ Verma wrote, adding he successfully looked up the Prime Minister of India to see both his email address and phone number listed.
‘But it was working with any celeb Instagram account.’
‘As I didn’t pay, I couldn’t see the information, but it was showing if the details are available for any specific account.’
Online trouble: Selena Gomez had her Instagram hacked on Monday and the culprit then posted three naked photos of her ex-boyfriend Justin Bieber
Instagram has warned users that hackers used a bug in its system to access high profile accounts.
The Facebook owned site said the attack was targeted at high-profile users, and it is believed one victim of the attack could be Selena Gomez, who had her Instagram account hacked.
The pop star’s account was swiftly shut down and her team have now regained control of it.
‘We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by exploiting a bug in an Instagram API,’ Instagram said.
It claims no account passwords were accessed.
‘We fixed the bug swiftly and are running a thorough investigation,’ it said.
The Facebook owned site sent this email to all users with a verified account, and said the attack was targeted at high-profile users, and it is believed one victim of the attack could be Selena Gomez, who had her Instagram account hacked.
‘Our main concern is for the safety of our community and, out of an abundance of caution, we are reaching out to all verified accounts.
‘At this point we believe this effort was targeted at high-profile users. We encourage you to be extra vigilant about the security of your account and exercise caution if you encounter any suspicious activity such as unrecognized incoming calls, texts and emails.’
Gomez is is the most-followed person on the photo sharing site with 125 million followers.
Swift action: Selena’s account was immediately taken down and her team have now regained control of it. She is pictured with her former flame Bieber in 2011
Hacked: It was these three images (uncensored) that were posted together to Selena’s account and a caption that read ‘LOOK AT THIS N***A LIL SHRIMPY’
The nude photos of Bieber were those taken by paparazzi when the Sorry hit-maker was vacationing in Bora Bora in 2015 – the former couple weren’t together at the time.
The offenders who posted the images included their own Instagram handles in the caption which read ‘LOOK AT THIS N***A LIL SHRIMPY’ before claiming they ‘run da scene.’
According to TMZ, the Instagram users tagged in the post appear to be random trolls with only a handful of photos between them.
Members of Gomez’s team took to Twitter with updates on the situation before the Bad Liar singer’s account was fully restored.
When Gomez was back online, fans helped to spread the word that the situation was being dealt with.
Members of Gomez’s team took to Twitter with updates on the situation before the Bad Liar singer’s account was fully restored
Back online: Fans helped to spread the word that the situation was being dealt with