.png){kind=logo}
A sizable stockpile of Instagram user data has appeared on dark web marketplaces. Information connected to about 17.5 million Instagram accounts is being actively traded and sold online, according to a new alert from cybersecurity company Malwarebytes.
This has caused serious concerns about user privacy and account security on social media. The leaked dataset reportedly contains sensitive personal details such as usernames, email IDs, contact numbers, and even portions of physical locations.
Security experts have warned that this data can lead to higher occurrences of account takeovers, identity theft, and phishing attacks.
Malwarebytes informed that users who were affected by the breach have been receiving unasked Instagram password change emails, which is a sign that the data has already been misused. The incidents highlight how cybercriminals are employing the stolen information to take over accounts by bypassing the security measures.
According to researchers' analysis of dark web listings, the data was allegedly scraped towards the end of 2024 using region-specific sources and public-facing APIs.
Under the identity ‘Subkek,’ the seller marketed the dataset with example records displaying complete phone numbers, email addresses, and a small amount of geographical data.
Cybercriminals can build highly targeted scam messages that seem to originate from Instagram or Meta, making it more difficult for users to recognize them as false, according to security specialists.
Instagram and its parent company, Meta, have not yet released an official statement clarifying whether the users’ data came from their systems or from another source. Investigations are still ongoing to find out how the information was acquired.
Also Read: Instagram Head Cautions That AI Content May Soon Overwhelm Social Media Feeds
Input your email address or phone number on haveibeenpwned.com to see if your account is impacted or not. Unsolicited password reset emails or unidentified devices shown in Instagram's Login Activity settings may also be a sign.
