New Instagram Security Fail Impacts Millions: Are You Safe?

April 19, 2019 · Filed Under Social Media · Comments Off on New Instagram Security Fail Impacts Millions: Are You Safe? 

Instagram recently discovered millions of user passwords were being stored in plain text

Instagram Logo

At KnowEm we take security very seriously. When one uses our social media registration services, we have certain criteria for the passwords to be used for registration. These criteria exist so that we can ensure the accounts created will be secured and accessible only by yourself or your team members that you choose to grant access.

Over the last 10 years, we’ve refined our guidelines and continue to evaluate them to make sure that your information is safe. Sometimes your security is left in the hands of companies that inadvertently expose some of the data that they have been trusted with securing.

In a March blog post Facebook disclosed that tens of thousands of passwords to Facebook accounts had been stored in plain text.  This was discovered earlier in January. As a result, on April 18th, 2019, Facebook quietly updated the previously published blog post. They subsequently revealed that in addition to the known visible data, millions more Instagram user accounts than expected were implicated.

Facebook Update to the Report:

(Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed).  

Facebook has said it will notify all users whose passwords were visible and instruct them to change their passwords. We do not recommend waiting for a message from Facebook to update your passwords. If you have an account on Instagram is it recommended that you change it immediately. This will minimize the chance of someone maliciously accessing your account.

Whenever an incident like this occurs, it is strongly encouraged that you consider changing your passwords.  Try not to recycle passwords, it is highly possible they have been discovered in previous data breaches which seem to happen often.   Therefore, an additional step that is recommended is to enable 2 factor authentication or 2 step verification whenever possible.

What You Can Do Next: Security Resources

We’ve compiled multiple resources to assist you with securing your accounts. The most recognizable social media and service platforms are often the first attacked:

We’ll continue to monitor this situation and update you as more information becomes available.

Is Your Email Address Listed in the Leaked Ashley Madison Hack?

KnowEm is now offering via our Security Alert portal a freely searchable database of over 35 million email addresses allegedly used to create accounts on the online extra-marital dating website Ashley Madison®. The email addresses were leaked by the hacking group “Impact Team” a couple days ago, but unless you wanted to download 10 GB of data off the dark web you probably haven’t been able to find out if your email is in the list.
Keep Calm and Check KnowEm
Just like we did last September for the Gmail hack, KnowEm did all the work for you. We downloaded the database and converted it for free text searching on our security alert minisite, http://securityalert.knowem.com/. All you have to do is enter your email address to search the millions of emails that were leaked.

Of course, just because an email address is in the list doesn’t prove anything – but all signs are pointing to the fact that this is a legitimate breach and the leaked accounts did come from Ashley Madison®‘s site. Still, KnowEm cannot confirm or deny if any email address listed in this database was ever an account on Ashley Madison®. We are simply making the hacked list publicly searchable as a convenience. We are not affiliated with the hackers “Impact Team” or Ashley Madison®.

Security Alert: Was Your Gmail Account Hacked?

September 10, 2014 · Filed Under Announcements, Identity Theft · 3 Comments 

Keep Calm and Check KnowEmSecurity breaches happen, from credit card numbers coming from major chain stores to the most recent hack of Gmail.  It’s hard to stay on top of what passwords you need to change what accounts were affected.  Enter KnowEm’s newest free service to keep track if your account has been affected: KnowEm’s Security Alert.

As of September 10th 2014 over 5 million gmail passwords and accounts were hacked and leaked onto the internet.  KnowEm has prepared a publicly searchable database of all of the accounts that were effected.  To check if your account has been effected simply type your Gmail address into the box and we’ll let you know if it’s on the list. If you were not effected you are safe (for now), but it’s always a good time for a security and password audit of your accounts.

As much as we hate to be the bringer of bad news, we will do our best to keep the site updated with the latest security breaches and account information making it easy to search and see if you need to go on a password changing spree.