Instagram has moved to calm its users by refuting claims that the data of over 17 million users was compromised. Reports emerged on January 10 that account information had been leaked online, leading to many users receiving unexpected password reset emails.
Earlier, cybersecurity company Malwarebytes stated that the leaked data contained usernames, physical addresses, phone numbers, and email addresses of 17.5 million Instagram accounts. The firm warned that this information was being offered for sale on the dark web, posing a risk of exploitation by cybercriminals.
In response, Instagram clarified that there was no breach of their systems. The platform acknowledged an issue that allowed an external party to request password reset emails for certain users. Instagram assured its users that their accounts were secure and advised them to disregard the emails, expressing regret for any confusion caused.
Despite Instagram’s statement, users remained apprehensive about how an external party could trigger password resets. Some users questioned the distinction between a breach and the ability of an external entity to initiate a password reset, expressing concerns about their account security.
Instagram outlined several measures to enhance account security, including enabling two-factor authentication. Users were encouraged to update their email and phone number information to facilitate account recovery in case of unauthorized changes.
The platform also mentioned upcoming features, such as using WhatsApp for account protection in select countries. Users were advised to use two-factor authentication through their phone number or authenticator apps like Duo Mobile or Google Authentication to bolster their account security.
