Instagram Password Reset Email Glitch Hits Millions Amid 17.5M Data Leak Claims
Meta claims the recent Instagram password reset email wave was a fixed glitch, but new reports suggest 17.5 million accounts may have had their data leaked.
17.5 million users might be at risk. What Meta described as a harmless technical glitch regarding Instagram password reset email notifications is now facing intense scrutiny as conflicting security reports emerge.
Meta Denies Breach Despite External Reports
According to The Verge, Instagram recently addressed an issue where users were flooded with unauthorized password reset requests. Meta stated on X that an "external party" triggered the emails but insisted that there was no breach of its internal systems. However, security firm Malwarebytes paints a far more concerning picture.
Information on 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, and emails, has reportedly been compromised.
The Discrepancy in Security Statements
While Meta advises users to simply ignore the emails, the scale of the data reportedly found by Malwarebytes suggests a massive coordinated effort. Industry analysts suggest this could be a 'credential stuffing' attack where hackers use previously leaked data to gain access to active accounts, triggering the platform's automated security responses.
Authors
Related Articles
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
A law firm marketing itself on AI-powered legal success submitted fake citations in a federal appeal. Now its lawyers face sanctions — and the broader AI legal industry faces a credibility crisis.
A Utah woman was sentenced to life in prison partly because of her Google searches and deleted texts. The Kouri Richins case reveals how digital footprints have become the courtroom's most reliable witness.
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
A law firm marketing itself on AI-powered legal success submitted fake citations in a federal appeal. Now its lawyers face sanctions — and the broader AI legal industry faces a credibility crisis.
A Utah woman was sentenced to life in prison partly because of her Google searches and deleted texts. The Kouri Richins case reveals how digital footprints have become the courtroom's most reliable witness.
Thoughts
Share your thoughts on this article
Sign in to join the conversation