If you have recently received multiple password reset notifications from Instagram, rest assured that this is a widespread issue. According to a recent report by cybersecurity firm Malwarebytes, a significant data breach has exposed the sensitive information of approximately 17.5 million Instagram users.
Malwarebytes revealed that the leaked data includes:
- Instagram usernames
- Physical addresses
- Phone numbers
- Email addresses
- And other personal details
The company warned that this information is currently being sold on the dark web, making it highly vulnerable to misuse by cybercriminals. Such data can be exploited for phishing attacks, identity theft, or even full account takeovers.
Malwarebytes discovered the breach during a routine dark web scan and linked it to a possible Instagram API exposure from 2024. This incident appears to be the reason behind the surge in password reset notifications many users are experiencing.
While Meta, Instagram’s parent company, has yet to issue an official statement, this is not the first time the platform has faced scrutiny over data security lapses. The situation underscores the importance of taking proactive measures to protect your account.
What should you do now?
- Enable two-factor authentication (2FA) for added security.
- Change your Instagram password immediately.
- Review logged-in devices via Meta’s Accounts Center to ensure there are no unauthorized sessions.
Staying vigilant is crucial, as leaked information can lead to more severe attacks beyond simple password resets.
