Instagram hacked? 17.5 million users received fake password reset emails
12.01.26
Instagram is likely at the center of a major data breach that could have affected up to 17.5 million users, according to cybersecurity company Malwarebytes, which uncovered the massive data breach while monitoring the dark web.
According to Malwarebytes, the leaked databases contain user names, email addresses, phone numbers, and in some cases, physical addresses. This data is already up for sale on shady sites, which increases the risk of phishing emails, social engineering, and attempts to gain unauthorized access to accounts.
Experts link the possible source of the leak to a vulnerability in the Instagram API, which was discovered in 2024. It is believed that this was the way attackers could have accessed users’ confidential information. There is no direct confirmation of this scenario yet, but the similarity in the type of data suggests that this is the attack vector.
Amidst the reports of the leak, some users have begun receiving massive messages requesting to reset their Instagram passwords. This may indicate that the compromised data is already being used to attempt to hack or hijack accounts.
Meta, which owns Instagram, has not made any official statements about the possible leak at the time of publication. Information security specialists recommend that users change their passwords, activate two-factor authentication, and check the list of devices that have access to their account through the Meta Account Center to reduce potential risks.
Official Instagram comment
Instagram announced that it had fixed a technical glitch that caused a significant number of users to receive emails asking them to reset their account passwords.
The company explained that the sending of such messages was provoked by the activity of “third parties”, emphasizing that no compromise of the platform’s internal systems was recorded. In an official statement published on the social network X, Instagram assured that user accounts remain safe, and password reset letters received without the initiative of the account owners can be disregarded.
Parent company Meta has not yet disclosed additional details about the causes of the incident or specified how third-party actions led to the mass sending of such messages.
Don't miss interesting news
Subscribe to our channels and read announcements of high-tech news, tes
One thought on “Instagram hacked? 17.5 million users received fake password reset emails”
Leave a Reply
Oppo A6 Pro smartphone review: ambitious
0 
Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.
Poco M8 Pro smartphone review: give us more
0 
Poco M8 Pro 5G immediately catches the eye with its size and the manufacturer’s desire to offer more than you’d typically expect from a device in this price range. It’s not just another mid-range device.
Microsoft has redesigned the Start menu again in Windows 11 Microsoft Windows
Microsoft is rolling out a new Start menu design in Windows 11. The company is once again introducing familiar changes, but now for most regular users.
For have Diya.Signature you will need passport with an NFC chip events in Ukraine service
Diia is updating the Diia.Pidpisu mechanism: additional verification via NFC is being introduced for its creation. Users will need a physical biometric document with a chip and an NFC-enabled smartphone.
забыл пороли лигинь