If you’ve recently received a bunch of password reset requests from Instagram, you’re not alone. As reported by Malwarebytes, an antivirus software company, there was a data breach exposing “sensitive information” of 17.5 million Instagram users. Malwarebytes said the leak included Instagram usernames, physical addresses, phone numbers, email addresses, and more.
The company said that “the data is available for sale on the dark web and can be misused by cybercriminals.” Malwarebytes told its customers in an email that it discovered the breach during its routine dark web scan and that it is linked to a possible incident related to the Instagram API exposure from 2024.
As a result of the reported breach, users have received multiple emails from Instagram regarding password reset requests. According to Malwarebytes, the leaked information could lead to more serious attacks like phishing attempts or account takeover. Meta has not released any official statement regarding the latest incident, but this is not the first time that Instagram’s parent company has come into controversy for data breaches. If you haven’t already, it’s always a good idea to turn on two-factor authentication and change your password. Even better, you can review which devices are logged into your Instagram account in Meta’s Account Center.
<a href