Instagram users recently received password reset emails, raising fears of a possible data breach. While Malwarebytes, an antivirus company, reported that personal information for 17.5 million users, including usernames, emails, phone numbers and addresses, was exposed and available on the dark web, Instagram assured users that their accounts are safe.
Survey
✅ Thank you for completing the survey!
In a post on X, Instagram said, “We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems and your Instagram accounts are secure.” The company added that users could safely ignore the recent password reset emails.
We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems and your Instagram accounts are secure.
You can ignore those emails — sorry for any confusion.
Malwarebytes discovered the data exposure during routine dark web monitoring and linked it to a possible issue with an Instagram API from 2024. The company warned that leaked data could be used by cybercriminals for phishing attacks or account takeovers.
While Instagram denies any system breach, the incident has raised concerns because Meta, Instagram’s parent company, has faced data security problems in the past. It is recommended that users take precautions such as enabling two-factor authentication, changing passwords, and reviewing which devices are logged into their accounts through Meta’s Accounts Center.
Ayushi works as Chief Copy Editor at Digit, covering everything from breaking tech news to in-depth smartphone reviews. Prior to Digit, she was part of the editorial team at IANS. View Full Profile