Wing's drone deliveries are coming to 150 more Walmarts
What a new law and an investigation could mean for Grok AI deepfakes
If you received a bunch of password reset requests from Instagram recently, you're not alone. Malwarebytes, an antivirus software company, initially reported that there was a data breach revealing the "sensitive information" of 17.5 million Instagram users. Malwarebytes added that the leak included Instagram usernames, physical addresses, phone numbers, email addresses and more. However, Instagram said there was no breach and that user accounts were "secure."
In Malwarebytes post, the company added that the "data is available for sale on the dark web and can be abused by cybercriminals." Malwarebytes noted in an email to its customers that it discovered the breach during its routine dark web scan and that it's tied to a potential incident related to an Instagram API exposure from 2024.
"We fixed an issue that let an external party request password reset emails for some people," Instagram's post on X read. "There was no breach of our systems and your Instagram accounts are secure."
Update, January 11, 2026, 11:10AM ET: This story and its headline have been updated with Instagram's statement that was posted on X.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/instagram-says-accounts-are-secure-after-wave-of-suspicious-password-reset-requests-192105188.html?src=rss
Original aticle here: Engadget
