If you’ve recently received a bunch of password reset requests from Instagram, you’re not alone. As reported Malwarean antivirus software company, had a data breach exposing the “sensitive information” of 17.5 million Instagram users. Malwarebytes added that the leak included Instagram usernames, physical addresses, phone numbers, email addresses, and more.
“The data is available for sale on the dark web and can be exploited by cybercriminals,” the company added. Malwarebytes noted in an email to its customers that it discovered the breach during its routine scan of the dark web and that it was linked to a possible incident related to Instagram API exposure from 2024.
The reported breach has resulted in users receiving numerous Emails From Instagram about password reset requests. According to Malwarebytes, leaked information can lead to more serious attacks, such as phishing attempts or account takeover. Meta has not issued an official statement about the latest incident, but it is not the first time Instagram’s parent company has been hit by a data breach. If you haven’t already, it’s always a good idea to turn on two-factor authentication and change your password. Better yet, you can review which devices are logged into your Instagram account in the Meta Accounts Center.