Users report receiving multiple password reset emails from Instagram, allegedly triggered by hackers. Malwarebytes claims data from a 2024 breach is being exploited, though Instagram denies a breach, stating the accounts remain secure.
Several users are reporting password reset emails from Instagram, with some receiving multiple consecutive emails for attempted password resets. These requests are said to have been triggered by hackers trying to break into accounts. Malwarebytes claims that cybercriminals are using stolen information from a 2024 data breach to send these emails. Instagram, however, maintains that there has been no 'breach'.
Malwarebytes claims that cybercriminals stole sensitive information from 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and more. This data is available for sale on the dark web and can be abused by cybercriminals. The breach and data leak are said to be due to a potential incident related to an Instagram API exposure from 2024.
Instagram, in a statement on X, said, "We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems and your Instagram accounts are secure. You can ignore those emails - sorry for any confusion."
While Instagram apologised and said that there is no 'breach', Malwarebytes explicitly says that the password reset hack was done through a data set that is already available on the dark web as a result of the 2024 data leak.
What information about Instagram users is available on the dark web?
1. Usernames
2. Physical addresses
3. Phone numbers
4. Email addresses
There is no way to know if you are among the 17.5 million Instagram accounts whose sensitive information is now on the dark web.
However, there are some precautions that you can take to ensure better security for your account:
1. If you have received the password reset email, do not click on any link in it. Just ignore the email.
2. Enable two-factor authentication (2FA) on your account for an additional layer of security.
3. Review logged-in devices regularly by heading to your profile and clicking on the three dash icon on the top right > Accounts Centre > Passwords and Security > Accounts You're Logged In. This will give you a sense of all the devices that you're logged in on, and let you remove suspicious ones from the list.