Instagram Fights Back: The Truth Behind the Alleged 17 Million Account Data Leak

Instagram recently addressed a bug that allowed malicious actors to request password reset emails in bulk. This action came in response to claims that data from over 17 million Instagram accounts had been scraped and leaked online.

A spokesperson from Meta, the parent company of Instagram, stated, “We fixed an issue that allowed an external party to request password reset emails for some Instagram users. We want to reassure everyone that there was no breach of our systems, and people’s Instagram accounts remain secure. People can disregard these emails, and we apologize for any confusion this may have caused.”

The frenzy surrounding an alleged Instagram data breach began when Malwarebytes warned its customers about cybercriminals stealing data from 17.5 million accounts.

The leaked Instagram data, which was made available for free on various hacking forums, reportedly includes 17,017,213 Instagram account profiles containing phone numbers, usernames, names, physical addresses, email addresses, and Instagram IDs.

While cybersecurity researchers claim that the scraped data is from a 2022 API scraping incident, Meta has stated that it is not aware of any API incidents in 2022 or 2024.

Although Meta denies any breach, it is essential for users to remain cautious against potential phishing and social engineering attacks that may arise from this leaked information.

It is advisable to enable two-factor authentication on your Instagram account to enhance security and ignore any password reset emails or text codes that you did not initiate.

Whether you’re cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start.

See also  INTERPOL's Global Crackdown: Taking Down 45,000 Malicious IPs and 94 Cybercriminals

Get the cheat sheet and take the guesswork out of secrets management.

Download Now