Instagram data breach reportedly exposed personal information of 17.5 million users

If you’ve received a lot of password reset requests from Instagram recently, you’re not alone. As reported Malwarebytesan antivirus software company, there was a data breach revealing the “sensitive information” of 17.5 million Instagram users. Malwarebytes added that the leak included Instagram usernames, physical addresses, phone numbers, email addresses and more.

The company added that “the data is available for sale on the dark web and can be used by cybercriminals.” Malwarebytes said in an email to customers that it discovered the flaw during its routine scanning of the dark web and that it was linked to a potential incident related to Instagram API exposure starting in 2024.

The reported violation allowed users to receive several emails from Instagram about password reset requests. According to Malwarebytes, the leaked information could lead to more serious attacks, such as phishing attempts or account takeovers. Meta hasn’t released an official statement on the latest incident, but it’s not the first time Instagram’s parent company has been in hot water since data breaches. If you haven’t already, it’s always a good idea to enable two-factor authentication and change your password. Better yet, you can check which devices are connected to your Instagram account in Meta’s Account Center.