TRENDING
Sunday, 17 May 2026
----------------------
30 Dhu Al-Qi'dah 1447 AH
A massive data breach has exposed details of 17.5 million Instagram users, according to Malwarebytes. The leaked data is already circulating on hacker forums, raising fears of phishing, impersonation and account takeovers worldwide.
A data breach affecting 17.5 million Instagram accounts has been confirmed by cybersecurity firm Malwarebytes, which warns that the stolen data is already being shared freely on underground hacker forums.
In an email alert sent to users on Friday, Malwarebytes said the exposed information was discovered during its dark web monitoring operations. The leaked dataset contains a wide range of sensitive user information, including usernames, full names, email addresses, phone numbers, partial physical addresses and other contact details.
Security experts warned that attackers are likely to exploit the exposed data for impersonation scams, phishing campaigns and credential-harvesting attacks. Malwarebytes cautioned that criminals could abuse Instagram’s password reset mechanism to attempt account takeovers using the leaked contact information.
The data is believed to originate from an Instagram API leak dating back to 2024. A threat actor using the alias “Solonik” published the dataset on BreachForums on January 7, 2026, offering it for free. The post claims to contain more than 17 million records in JSON and TXT formats and alleges that Instagram users worldwide are affected.
Sample data shared on the forum reportedly includes usernames, email addresses, international phone numbers and user IDs, findings that Malwarebytes said align with its own analysis. The structured format of the records suggests the information may have been extracted from API responses, possibly through insecure endpoints or misconfigured systems before 2025.
Meta, Instagram’s parent company, has not yet confirmed the breach. Requests for comment have gone unanswered, and there is currently no official statement on Meta’s security pages or social media channels.
Malwarebytes warned that some users are already receiving Instagram password reset notifications, which could be either legitimate or part of malicious exploitation attempts. Users whose details were exposed may also receive realistic-looking emails or messages urging them to verify their accounts.
To help users assess their risk, Malwarebytes is offering a free Digital Footprint scan that allows individuals to check whether their email addresses appear in the leaked dataset. The firm strongly recommends that Instagram users reset their passwords immediately and enable two-factor authentication to reduce the risk of account compromise.