The first major "Nick Cockman hacked" alarm sounded in late 2022. Followers noticed a sudden and drastic change in his Instagram feed. Overnight, a page known for comedic videos became a barren landscape of cryptic posts—stylized black-and-white images with nonsensical Arabic and Cyrillic captions. Cockman’s profile picture was replaced with a generic hacker icon, and his bio read something akin to “Hacked by Phantom.”
According to later statements on his secondary account, Cockman described the experience as “surreal.” He woke up to hundreds of texts and emails. He had been locked out of his own account. The hacker had changed the email address, phone number, and two-factor authentication (2FA) settings in less than five minutes.
How did they get in? Initial speculation pointed to a SIM-swapping attack. This is a technique where a hacker tricks a mobile carrier into porting the victim’s phone number to a new SIM card. Once the hacker controls the phone number, they can bypass SMS-based two-factor authentication. Cockman later confirmed that his phone had lost signal for an hour the night before the hack—a classic red flag. nick cockman hacked
After two significant breaches, Nick Cockman became an unlikely advocate for digital hygiene. In a detailed video titled “How I Got Hacked (And How You Can Prevent It)” (which has over 1.2 million views), he outlined the steps he took to secure his digital life—steps that every user should follow.
He created a new, unlisted email address solely for his social media logins. This email is not used for newsletters, shopping, or any public-facing activity. The hackers from the first breach had his old email from a data leak (Have I Been Pwned later confirmed his email was in a 2021 database dump). The first major "Nick Cockman hacked" alarm sounded
The "Nick Cockman hacked" story is not unique. It mirrors the experiences of Linus Tech Tips (whose channel was hacked to promote crypto scams), Jacksepticeye, and countless Twitch streamers. However, Cockman’s case highlighted a disturbing trend: Hacking-as-a-Service.
In deep-web forums, cyber criminals sell “account takeover kits” for as little as $50. These kits include phishing templates, SIM-swapping scripts, and automated bots that test stolen passwords across multiple platforms. The person who hacked Nick Cockman likely was not a master coder, but rather a script-kiddie who purchased a tool. Cockman’s profile picture was replaced with a generic
Furthermore, the rise of Session Hijacking (stealing browser cookies that bypass passwords entirely) has made 2FA less effective. Cockman admitted that in the second breach, the hacker didn’t need a password—they stole an active login session cookie from a public Wi-Fi network his friend was using.
The first major "Nick Cockman hacked" alarm sounded in late 2022. Followers noticed a sudden and drastic change in his Instagram feed. Overnight, a page known for comedic videos became a barren landscape of cryptic posts—stylized black-and-white images with nonsensical Arabic and Cyrillic captions. Cockman’s profile picture was replaced with a generic hacker icon, and his bio read something akin to “Hacked by Phantom.”
According to later statements on his secondary account, Cockman described the experience as “surreal.” He woke up to hundreds of texts and emails. He had been locked out of his own account. The hacker had changed the email address, phone number, and two-factor authentication (2FA) settings in less than five minutes.
How did they get in? Initial speculation pointed to a SIM-swapping attack. This is a technique where a hacker tricks a mobile carrier into porting the victim’s phone number to a new SIM card. Once the hacker controls the phone number, they can bypass SMS-based two-factor authentication. Cockman later confirmed that his phone had lost signal for an hour the night before the hack—a classic red flag.
After two significant breaches, Nick Cockman became an unlikely advocate for digital hygiene. In a detailed video titled “How I Got Hacked (And How You Can Prevent It)” (which has over 1.2 million views), he outlined the steps he took to secure his digital life—steps that every user should follow.
He created a new, unlisted email address solely for his social media logins. This email is not used for newsletters, shopping, or any public-facing activity. The hackers from the first breach had his old email from a data leak (Have I Been Pwned later confirmed his email was in a 2021 database dump).
The "Nick Cockman hacked" story is not unique. It mirrors the experiences of Linus Tech Tips (whose channel was hacked to promote crypto scams), Jacksepticeye, and countless Twitch streamers. However, Cockman’s case highlighted a disturbing trend: Hacking-as-a-Service.
In deep-web forums, cyber criminals sell “account takeover kits” for as little as $50. These kits include phishing templates, SIM-swapping scripts, and automated bots that test stolen passwords across multiple platforms. The person who hacked Nick Cockman likely was not a master coder, but rather a script-kiddie who purchased a tool.
Furthermore, the rise of Session Hijacking (stealing browser cookies that bypass passwords entirely) has made 2FA less effective. Cockman admitted that in the second breach, the hacker didn’t need a password—they stole an active login session cookie from a public Wi-Fi network his friend was using.