Millions of Instagram users have been put on high alert after receiving unexpected password reset emails, which have been linked to a significant data leak. Security experts are urging caution, warning that the situation could be exploited by cybercriminals.
Details of the Data Breach
The incident stems from a reported leak of sensitive data from over 17 million Instagram accounts. According to the tech publication CyberInsider, this information was originally stolen during an API leak in 2024. A hacker, bypassing standard security, scraped the data, which was then published freely on the cybercrime forum BreachForums on Wednesday, January 7, 2026.
The threat actor responsible for publishing the dataset is known as "Solonnik". The sheer volume of records—17 million—has led cybersecurity professionals to label it a major security failure. Meta, Instagram's parent company, has not yet officially confirmed the breach or validated these claims.
Warning Over Suspicious Emails
In the wake of the leak, many users, including cybersecurity expert Davey Winder, reported receiving a "legitimate-looking email" on Friday, January 9. The email, which appeared to come from Instagram, stated the company had received a request to reset their account password.
The message contained a prominent blue "Reset Password" button and text reading, "If you ignore this message, your password will not be changed. If you didn't request a password reset, let us know." Experts are clear: users should avoid clicking the reset button if the email seems at all suspicious. Although attackers have the leaked data, they would still require additional information to successfully hijack an account.
How to Protect Your Account
The key advice for users is vigilance. Do not click links in, or respond to, unsolicited password reset emails. If you are concerned about your account security, navigate directly to the official Instagram website or app to change your password and review your security settings.
This incident serves as a stark reminder of the importance of using strong, unique passwords and enabling two-factor authentication where possible. The Mirror reports that cyber criminals are actively looking to exploit the situation, making user caution the first and most critical line of defence.