Instagram users were caught off guard last week after receiving a wave of password reset emails. Many thought their accounts had been hacked. Instagram has since explained the cause and assured everyone that accounts are secure.
According to the company, the reset emails came from an external actor who tried to automate password reset requests. This triggered the notifications but did not lead to unauthorized access. Instagram confirmed the issue has been fixed and stressed that no accounts were hacked.
Meanwhile, cybersecurity firm Malwarebytes claimed that data from 17.5 million Instagram users was being sold on the dark web. The alleged leak included usernames, emails, and phone numbers. Instagram denied the report, saying the reset emails were not linked to any breach.
Also Read: PLDT, Smart shares simple trick to remember strong passwords
Even so, experts warn that exposed information can still be used for phishing attempts. Ignore suspicious reset emails. It might also be best to enable two‑factor authentication and update your password. Checking logged‑in devices through Meta’s Accounts Center is also a good idea.
