This week has been a chaotic one, particularly for Instagram customers, after Malwarebytes introduced on the ninth of January that it had tracked a knowledge breach involving the Meta-owned platform. In accordance with the corporate, hackers had leaked knowledge from 17.5 million Instagram accounts on-line. The leaked info included usernames, e mail addresses, telephone numbers, and bodily addresses.
In Malwarebytes’ personal phrases on X (previously Twitter), “Cybercriminals stole the delicate info of 17.5 million Instagram accounts, together with usernames, bodily addresses, telephone numbers, e mail addresses, and extra.“
The tweet implied that the incident was a current knowledge breach. That declare is inaccurate. Hackread.com’s investigation confirms that whereas the information is actual and never fabricated, cybercriminals didn’t steal it, a minimum of not not too long ago.
To your info, Malwarebytes was referring to a BreachForums publish revealed on January 7, 2026, by a consumer going by the alias Solonik, titled “INSTAGRAM.COM 17M GLOBAL USERS – 2024 API LEAK.”
The publish claimed the information was from a 2024 breach and included usernames, emails, telephone numbers, consumer IDs, and partial areas. In actuality, Hackread.com’s investigation confirmed it was a repackaged scrape initially collected in 2022.
The identical knowledge was first leaked on BreachForums in June 2023 by a consumer generally known as “vanz,” and likewise surfaced on one other discussion board, LeakBase, across the similar time. Labeling it as a 2024 leak was a deliberate transfer to rebrand stale knowledge as new, a tactic usually used to inflate credibility and generate consideration.
Matching the Numbers
The so-called “newest” Instagram knowledge leak accommodates 17,017,213 consumer data. That quantity precisely matches the information leaked by “vanz” in June 2023 and by “Solonik” in January 2026. Not solely is the depend similar, however even a fast have a look at the pattern knowledge confirms it’s a direct copy. The format, fields, and entries all match the sooner leak.
Hackread.com cross-checked all 17,017,213 data and might affirm that the “new” leak is nothing greater than a re-post of the identical knowledge from 2022, repackaged as new.
Password Reset Emails and Instagram’s Straight But Obscure Response
After stories of the leak resurfaced, some customers started receiving password reset emails from Instagram. Initially, there was hypothesis that these have been phishing makes an attempt for the reason that knowledge didn’t embody passwords.
The emails got here from Instagram’s official area and have been verified, full with blue checkmarks, main many to imagine that Instagram had certainly been breached and attackers had accessed actual consumer knowledge.
Nevertheless, earlier at this time, on January 11, 2025, Instagram addressed the claims on X. The corporate denied any breach however acknowledged that a difficulty had allowed an exterior get together to set off password reset emails to some customers.
“We fastened a difficulty that permit an exterior get together request password reset emails for some individuals. There was no breach of our methods, and your Instagram accounts are safe. You’ll be able to ignore these emails. Sorry for any confusion,” Instagram tweeted.
That raises a much bigger query: Who was this exterior get together, and the way have been they in a position to ship authentic password reset emails? Was somebody, or some automated system, exploiting Instagram’s password reset characteristic utilizing the identical usernames from the scraped dataset?
Whereas it stays unclear who was behind the exercise, customers did obtain password reset emails they by no means requested, which added to the confusion and helped unfold breach claims.
The Tabloidisation of Cybersecurity Information
A rising difficulty in cybersecurity reporting is the rise of publications that function extra like tabloids than credible sources. These retailers rush to interrupt tales for clicks, usually counting on unverified claims from social media or Telegram channels with out performing even primary checks on the information.
As the most recent Instagram incident exhibits, no effort was made to substantiate the origin, age, or legitimacy of the data earlier than working dramatic headlines about “breaches.” In doing so, they unfold panic, confuse readers, undermine precise safety analysis, and harm public understanding of actual cybersecurity threats.
Recommendation for Instagram Customers: Phishing and Smishing Dangers Stay
Nonetheless, despite the fact that the leaked knowledge is previous, the data it accommodates is actual. That’s all scammers must launch focused phishing and smishing campaigns. Instagram customers listed within the knowledge must be on alert for suspicious emails pretending to be from Instagram, Meta, or different trusted companies.
These messages might attempt to trick customers into getting into their passwords, clicking on malicious hyperlinks, or downloading attachments. The identical goes for SMS messages that embody hyperlinks or pressing safety warnings. When you obtain a password reset e mail or message you didn’t request, don’t click on something. Go on to the app or website and confirm from there. Recycled knowledge nonetheless will get used, and infrequently causes harm years after it first leaks.
