If you have been receiving emails from Instagram prompting you to reset your password, you are in good company. Multiple users have reported the same issue as of late. While this may be an indication of a major data leak, Instagram has issued a statement assuring that this is not the case.
In an X post, the company asserted that no breach of its systems has occurred, and that user accounts remain secure. Instead, the password reset requests can be attributed to a bug, which has since been resolved. More specifically, the issue allowed an external party to request password reset emails for some users. Beyond that, though, the social media platform offered no further explanation.
Over the weekend, Malwarebytes warned its customers of a data breach involving 17.5 million Instagram accounts. Apparently, this leak may be linked to a prior API scraping incident from 2024. The leaked information includes details like usernames, physical addresses, phone numbers, and email addresses.
However, Instagram has claimed that it is unaware of any API compromises in 2022 or 2024, insisting that there has been no new breach. What’s more, it is unclear whether the leaked dataset was acquired recently. It’s possible that the information is from a much older breach in 2017.
Of course, regardless of whether this incident is related to a recent data breach, users should always exercise caution online. Unless you have initiated any account recovery procedures, you should ignore any emails requesting you to reset your password. Other than that, users can rely on any additional security features, like two-factor authentication.
(Source: Instagram via X, Bleeping Computer)
