17.5 Mn Instagram Accounts Compromised In Massive Data Leak: Report

​Cybersecurity firm Malwarebytes claims to have discovered the data during routine dark web monitoring and believes it originated from an Instagram API leak in 2024.

MITSloan ME Editorial

Topics

  • News

    1. In the UAE, Business Leaders View Uncertainty as an Opportunity, IBM Report Finds
    2. 17.5 Mn Instagram Accounts Compromised In Massive Data Leak: Report
    3. US Brings Qatar and UAE Into Silicon-Focused Economic Security Framework
    4. OpenAI Acqui-hires Convogo Team, Shuts Down Leadership Software Product
    5. Google Brings Gemini AI Features to Gmail
    6. Gemini’s Quiet 2025 Win: Eroding ChatGPT’s Traffic Share

    • Over the past week, several Instagram users reportedly received unsolicited password reset notifications. Cybersecurity firm Malwarebytes believes that the activity is linked to a security breach Instagram faced in 2024, which has now left 17.5 million accounts vulnerable due to a data leak. 

    According to the firm, the leaked data, which included usernames, full names, email addresses, phone numbers, partial physical addresses, and other contact details, has been shared on hacker forums and the dark web.

    ​Malwarebytes stated that it discovered the data during routine dark web monitoring and believes it originated from an Instagram API leak in 2024.

    “Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and more,” the firm shared on X.

    It warned of potential exposure to credential stuffing, where hackers use login credentials and other user information to log into user accounts on other platforms, resulting in phishing attempts or account takeovers.

    Responding to the leak reports, Instagram has confirmed that there has been ‘no breach’ despite receiving password reset requests.

    “We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems, and your Instagram accounts are secure,” it posted on X.

    In 2021, Facebook discovered data on over 533 million users from 106 countries, including more than 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India, had been stolen and published on the web for free.

    In May 2025, cybersecurity researcher Jeremiah Fowler found an unprotected online database that exposed over 184 million records tied to Apple, Google, Facebook, and Microsoft, along with government and financial services.

    Home to the second-largest social media user market in the world, India has the largest number of Instagram users (approximately 480.55 million as of October 2025), according to Statista, and boasts over 500 million Facebook and WhatsApp users, making it Meta’s largest single market.

    Topics

    About the Author


    View More

    Tags:

    More Like This

    You must to post a comment.

    First time here? : Comment on articles and get access to many more articles.