A post has recently caught the attention of the cybersecurity community, as a user claims that a major Facebook employee stole his Instagram account. Although the wording is poor, the user suggests that his account has been compromised: “When trying to enter Instagram I found it impossible to log in; whoever behind this attack assures that their friend works for Facebook,” the post mentions.
Danny Hall created his Instagram account (@danny) shortly after the launch of the platform about 10 years ago, so any user with a similar name had to add variants to his username because the user “danny” had already been chosen by Hall.
One day like any other, Hall tried to access his Instagram account, protected with multi-factor authentication and a strong password, although he encountered an error message at login. This had happened before, so Hall attributed it to an attempt to compromise his account, something infamy common among rare username owners.
However, Hall discovered that someone had seized his account, so he continued to investigate to find out exactly what had happened.
Soon after, the person responsible for compromising the @danny account had deleted all photos posted by Hall, posting his own images instead, even publishing a story where he presumed his “new account”.
Hall’s girlfriend decided to write to the new account owner, who only responded with taunts: “My friend works on Facebook, now this account is mine,” mentions the message received by the woman.
Hall does not explain how this might happen, as it does not remember receiving a phishing email or unknown login alerts. In trying to get answers from Facebook and Instagram, Hall also did not get any response beyond an email in which he was mentioned that the issue had already been resolved.
In the absence of concrete answers, Hall theorizes that a Facebook employee with access to this information may have collaborated with the individual who seized his or her username. When the Twitter post went viral, Instagram CEO Adam Moseri contacted Hall to find a solution, although no further details are known so far.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
