Update 7/19: The article below is still relevant, and you should check out the comments for ongoing discussion, but I have another update about Pinterest locking accounts along with an official Pinterest hacking survey that all users who had their accounts hacked should complete.

Updated 7/8: Based on user experiences, if you have been hacked, the first thing you should do is change your Pinterest password. This worked for at least one of the Pinterest users who posted in our comments.

It is unclear how hackers are getting access to Pinterest accounts, but in the last three days there has been a number of signs that hacking is again becoming a problem on Pinterest.

Traffic to my post on the March hacking of Pinterest has increased considerably starting on July 5th, and you can find a number of people on Twitter complaining about being hacked.

A blogger for the Identify Theft Resource Center posted a hacking experience. This person believes the issues

might have started on Facebook.

Just now I happened to come across a Facebook post about how to make a very cool iPad case using wallpaper so I thought I would go ahead and pin it so I could check it out later. This is when the trouble began.

I have several different “boards” on my Pinterest to organize what I find online, but the board to which this particular link wanted to post to was called “Make Money Online”.  Fairly certain that I had not created that board, I logged into the site and found that several boards had been created and items had been pinned to them.  The pinned items, when clicked on, would lead someone to either an online job scam or a malware download.

Since I first published this article, two people shared their experiences in the comments, and neither of them believe that they got hacked by clicking something in Facebook.

Pinterest users have also been commenting on some of these hacked pins trying to figure out the issue. A sample of the comments include:

I have been deleting these. I get at least two a day now!

Glad to see I’m not the only one having this pop up on my account and unwanted at that! I’ve reported it every time with no kind of feedback! Every day it reappears under some other board that I didn’t create!

Blogger C McKane has a blog post with some tips on what to do if you account has been hacked.

I included some of the images the hackers have been using at the top of this post. Definitely don’t click on any pin that has these images in it.

If you account has been hacked, please share your story in the comments. If you have a guess as to why the hack might of happen, please post the details so others can avoid this issue.

 

Tagged with:
 

28 Responses to Protect yourself from the newest hacking of Pinterest accounts.

  1. avatar Anne-Marie Large says:

    I haven’t clicked any links from FB (I’m very vigilant) but I keep getting emails saying people have re-pinned these spam posts from my boards about working from home. I haven’t posted any boards like this but when I went onto my account, they were there.

    I’m going to change my password but I have no idea what else I can do apart from report it to Pininterest and then they’ll just find another way to get around it. :(

  2. avatar Ashley Ann says:

    I also never clicked anything from Facebook but I was getting several of the above pictured pins on a board I never created. I contacted Pinterest a month ago and received an email stating that at this time they are only handling Log-in issues. I did end up changing my password and I haven’t had any mystery pins since.

  3. avatar Josh Davis says:

    Thanks to both of you for posting.

    It seems like Facebook may not be the issue.

    Ashley, it is great to hear that the pins didn’t come back once you changed your password.

  4. avatar Betsy says:

    I don’t even have a Facebook account, but the pins/boards above have been showing up on my account. I have a Twitter account, but I don’t use it except the rare occasion that I need it for something like setting up a Pinterest account. I contacted Pinterest but got the same message about them being overloaded with emails. I just changed my password based on the recommendation here. Hope it works. Thanks!

  5. avatar Jennifer says:

    I do not believe I linked to Pinterest recently from any Facebook pins, not near the time it started, anyway. I’ve had three appear mysteriously. Two yesterday, I became aware like the first poster, when I got emails about someone repinning my pin, a pin I didn’t recognize. I logged in and deleted those, and unlinked Pinterest from Facebook for the time being, but had another mystery pin today. I just changed my password, we’ll see if it happens again.

  6. avatar Nicole says:

    I have had to delete two of these types of posts! They both link to a blog that says blog.f2c.com and I googled that and it doesn’t say what it is. I’m not on pinterest a lot though, so it isn’t Facebook. I usually find stuff to pin through my own blog or StumbleUpon. I just changed my password. So I hope this stops it!

  7. avatar Ashlee says:

    I never click on ads on FB BUT the only reason I noticed my Pinterest account being hacked is bc a woman messaged me on FB thanking me for reposting her Pin. It was for ‘Send A Card’? Has anyone else received messages through FB about a pin? I changed my passwords so, just as everyone else is hoping it helps, I am also.

  8. avatar Angela says:

    Have had mysterious boards appear with one or two pins on them, but one of my own boards was completely deleted. It was “Products that I love.” There was another board on my account with a similar name, but not my same one. I deleted those three boards and didn’t think too much of it – thought I might have left it up at work and somebody mistakenly tried to pin their own things (we do have a Pinterest account for work). I created another “products I love” board and found some of my previous items and repinned them, only to log on today and find that it was again deleted and some weird random board was up in it’s place with nothing on it. Changing my password right now!

    • avatar Josh Davis says:

      Thanks for sharing your experience Angela.

      It doesn’t seem like we have figure out what is causing the hack, but the solution seems to be to change the password.

      Makes me wondering if the hackers are just guess passwords. I don’t want anyone to reveal their password, but if you were hacked, was it an easy password.

      I am trying to think, but if you signed up with Facebook do you even create a password?

  9. avatar Angela says:

    I did wonder if certain keywords triggered it – since I tried twice to create boards with the work “product” in them. Those were the only ones tampered with and whoever did it tried to replace them with their own boards of products or business idease. Only common theme I can think of. Did change my password, though, and nothing change yet!

  10. avatar Barbwire says:

    The hack on my account was EXACTLY like Angela’s. I was so shocked and pissed. I had spent lots of time saying things in the Products I love board and it was completely deleted and I had two new boards added…one said THE BEST and the other I can’t remember now.

    And my password was a difficult one using letters and numbers.

    Im thinking of deleting my account. If the site is that easily hacked how much of our info is being stolen.

  11. avatar Heidi says:

    I’ve had the same problem. Only thought I have is this: Today I googled my email address out of curiosity. I found one site that listed my email address and my password (to Pinterest and some other sites), along with kazillions of other email/password combos.
    The URL is: http://ww.frenchjttw.com/629.txt

    Creepy. I’m changing my password. Curious what you think of this.

    • avatar Josh Davis says:

      Very interesting Heidi. Thanks for sharing that experience and link.

      The good news is that it is unlikely that the email addresses and passwords you linked to were taken from Pinterest. A quick search doesn’t show Pinterest used in any of the passwords. With that many passwords, it is likely at least one user would have used “pinterest” or some variation in their password.

      The bad news is that sites get hacked all the time. I had the same experience you did where I was Googling an email address I used to use and found a text file like this, that had my password beside my email.

      The best thing to do is use different passwords at every site. Even if it is just putting a the first letter of a site in front of a normal password, that stops hackers from just using bots to try lists like these for different sites.

      I would say that anyone who has been hacked by Pinterest should likely change their password on Pinterest as well as any other important sites you might use that same password on.

      It certainly looks like hackers got hold of a list and just happen to be using it to get access to Pinterest accounts.

      • avatar Amanda says:

        A cursory google search displayed the same thing for me. How they got the password, though, is the question.

  12. avatar Josh says:

    My Mom’s account was hacked last week and I thought nothing of. But today, my account was hacked as well and I’ve never been hacked anywhere on the web before. And after reading this article I’m definitively done with pinterest until they can get way better security.

  13. avatar Amanda says:

    Yup, this has been happening to me for almost 2 weeks. I’ve opened help tickets with Pinterest (WITH ZERO RESPONSE), changed my passwords multiple times, disabled facebook login, changed the password a few more times just to be sure, and it’s still happening.

    Now Pinterest is telling users to deactivate their accounts via their facebook page (https://www.facebook.com/pinterest/app_287566584657772) “If changing your password does not solve the issue, change your password again and immediately deactivate your account. Please return to this support article in 1-2 weeks for additional instructions; we are working on a process that will enable users to reset their accounts.” This isn’t a manageable solution, as everything people have pinned would go away.

    My computer has no malware. The fact that they keep getting the new passwords reeks of something else happening, as does the lack of response from Pinterest.

    If I disable my account, I won’t be back. And that’s a bummer, as Pinterest is a great social media tool, and a genius idea.

  14. avatar Ashley says:

    I actually didn’t do anything. I was inactive on Pinterest for at least two months. I happened to sign in a week or so ago only to realize someone had been posting these types of pins on my boards. Sometimes they post to boards that I already have, and at other times they create brand new boards. I changed my password and unlinked my account from Facebook and it is still happening. Not sure what to do.

  15. avatar Angela says:

    Happened again! Didn’t try to recreate another “products” board yet, but logged on today to find that another board called “must have” was on my account with some pyramid-type chart with people on it. Didn’t stop to read it, just deleted it. This is after I changed my password. Guess I’ll have to delete my Pinterest account now…

    • avatar Josh Davis says:

      Sorry to hear Angela. I wish there was a good solutions, but for some people, these hacks just keep happening.

  16. avatar Lynne says:

    My Pinterest account is locked and won’t let me log in. It said it had suspicious activity and I would receive an email in a several business days with instructions on how to fix it. I had a fellow pinner create a board and added me to it. It had a pin with one of the pictures above on it. I just happened to be looking for work at home jobs so it interested me. Didn’t realize it was not my friend who had created the board. Love Pinterest but hate this!

  17. avatar Heather says:

    I am having the same problem as Lynne and its rather annoying. I had someone add me to their board then I started getting random pins I didnt create and would delete them and made sure not to click on them. I hope its resolved soon.

  18. Same thing happened to me, both pins looked identical, it said “WANTED” in big bold type featuring a CNN, Facebook and pinterest logos this time pinterest auto locked it, but it seems like they’re coming from within Pinterest itself rather than individually hacking each account.

  19. avatar Daniel says:

    if you search twitter for “pinterest hacked” its happening to so many people! I posted about it and many people replied to me that it happened to them.

    Its happening to loads of people but not everyone. I am supcious that pinterest have had a password or accounts database breach and refusing to publicise it! Unless there is another link to all the spam pins. A friend of mine started a pinterest account and never logged in again, he started to get emails that people were liking the spam pins that he never posted. His pinterest was not connected to anywhere! The people who this has happened too have not “given” out their password purposely. Simplest explanation is database breach on the site

    • avatar Josh Davis says:

      Daniel,

      I am not saying your theory is wrong. But couldn’t the hackers just be using the emails and passwords from the LinkedIn, Yahoo or LastFM hacks?

      Maybe some people who previously commented can jump in. Did you use the same password at LinkedIn as you did at Pinterest?

      I feel like the hacking is increasing, but I still can’t figure out the cause.

      Josh

  20. avatar Andreea says:

    I logged in to my Pinterest account yesterday and all of my boards were gone! They were all deleted. My followers were still there, my likes were there, but none of my boards. I’ve rebuild some of them…

  21. avatar vince says:

    firstly, pinterest should not allow a board to be deleted, if it contains pins. That will cut down on some grief caused.

    Also,
    If you login to facebook on your computer and walk away… you have also allowed someone to login to pinterest. For example, if you are logged into facebook, all someone has to do is go to Pinterest and login with facebook, and they will get in. Thats how the facebook login works. Maybe people are not aware of that!

    Pinterest should force those suspicious accounts to reset the password. This way, there’s no need for people to wait around. This process could be automated.

    I think, its important to change your password in 3 places:

    On pinterest, on facebook and on twitter.

    That way, people cant use any of those 3 methods to login. If you change your facebook password, but a hacker has your twitter password, they will still get in.

    Hope that helps. I am a developer, so I know how these things work.

  22. avatar Kat Ford says:

    Just curious but is anyone part of a large group board??