‼️17.5 Million Instagram Accounts Exposed in Major API Data Leak
Meta is facing a significant security incident after cybersecurity firm Malwarebytes confirmed a breach impacting 17.5 million Instagram users.
The leaked dataset, which includes usernames, email addresses, phone numbers, and partial physical addresses, is now being actively circulated on dark web forums.
In the aftermath, millions of Instagram users have reported receiving unexpected password reset emails from the platform’s legitimate domain: security@mail[.]instagram[.]com.
Although the emails are authentic, they were not requested by recipients, fueling widespread confusion over whether Instagram is experiencing a glitch or if users are being targeted in phishing attempts.
Security researchers now believe these unsolicited reset emails are directly linked to the breach, suggesting threat actors may be using the exposed data to initiate account recovery flows or to obscure targeted phishing activity.
The dataset is believed to have been obtained by a hacker known as “Solonik”, with the underlying issue reportedly tied to an API-related exposure dating back to 2024 (see screenshot 2).
As of now, Meta has not issued an official statement regarding the incident.
‼️17.5 Million Instagram Accounts Exposed in Major API Data Leak
Meta is facing a significant security incident after cybersecurity firm Malwarebytes confirmed a breach impacting 17.5 million Instagram users.
The leaked dataset, which includes usernames, email addresses, phone numbers, and partial physical addresses, is now being actively circulated on dark web forums.
In the aftermath, millions of Instagram users have reported receiving unexpected password reset emails from the platform’s legitimate domain: security@mail[.]instagram[.]com.
Although the emails are authentic, they were not requested by recipients, fueling widespread confusion over whether Instagram is experiencing a glitch or if users are being targeted in phishing attempts.
Security researchers now believe these unsolicited reset emails are directly linked to the breach, suggesting threat actors may be using the exposed data to initiate account recovery flows or to obscure targeted phishing activity.
The dataset is believed to have been obtained by a hacker known as “Solonik”, with the underlying issue reportedly tied to an API-related exposure dating back to 2024 (see screenshot 2).
As of now, Meta has not issued an official statement regarding the incident.
