17.5M Instagram Accounts Personal Data Leaked on Dark Web

(MENAFN) A massive privacy breach has compromised the personal information of at least 17.5 million Instagram users, with the stolen data now circulating on the dark web, according to media outlets reporting Saturday.

Cybersecurity company Malwarebytes confirmed the leaked dataset contains usernames, complete names, email addresses, telephone numbers, incomplete mailing addresses, and additional contact details, media reported.

Though passwords were not part of the exposed information, security specialists caution the stolen data poses significant risks for identity theft and financial fraud schemes.

The security failure originated from a 2024 flaw in Instagram's API, cybersecurity publication CyberInsider reported.

Attackers allegedly circumvented Meta's conventional security measures and extracted sensitive user information before a hacker using the alias "Solonnik" uploaded the records to BreachForums this week, distributing the dataset at no cost.

"Such a massive leak significantly increases the risk of phishing campaigns and targeted fraud," experts told Malwarebytes, the outlet noted.

In the breach's aftermath, users spanning multiple geographical areas have flagged receiving abnormally high numbers of password reset emails, intensifying concerns about account compromise.

Meta, the US-based corporation that operates the social media platform Instagram, had not released any official statement acknowledging the breach as of early January.

Instagram's official support documentation states that receiving a password reset email doesn't automatically confirm a hack, though cybersecurity professionals recommend users exercise heightened vigilance.

The compromised information allegedly impacts Instagram accounts worldwide, encompassing both private users and influencer accounts.

This breach arrives as social media corporations face mounting pressure over their data security protocols.

MENAFN12012026000045017169ID1110585025