A major cybersecurity incident has resulted in the exposure of data linked to approximately 17.5 million Instagram accounts, with the compromised information now circulating within dark web marketplaces.
The disclosure was reported earlier this week by cybersecurity firm Malwarebytes and has raised serious concerns around user privacy and account protection. The leaked dataset contains a broad range of personal details that significantly increase the risk of account takeover and identity abuse.
According to Malwarebytes, the exposed information includes Instagram usernames, email addresses, phone numbers, and partial physical location data. This combination of identifiers enables threat actors to conduct highly targeted phishing, social engineering, and identity theft operations. The firm confirmed that the database is actively being traded on underground forums, making it widely accessible to cybercriminal networks.
Evidence of active exploitation has already emerged. Several users have reported receiving legitimate Instagram password reset notifications, suggesting attackers are attempting to gain unauthorized access using the leaked data. The exposure of contact details tied to Instagram accounts also increases the likelihood of convincing phishing messages impersonating Instagram or its parent company, Meta.
Listings observed on dark web platforms advertise a dataset containing 17.5 million Instagram user records collected in late 2024. The data reportedly spans multiple regions worldwide and includes usernames, full email addresses, phone numbers, and partial location information. This aligns with Malwarebytes’ warning that the leaked data is being actively abused.
The individual selling the dataset, operating under the alias “Subkek,” claims the information was recently scraped during the final months of 2024 using public APIs and region-specific data sources. Sample records displayed in the listings appear to support these claims.
Users who believe their accounts may be impacted are strongly advised to enable two-factor authentication, update passwords using strong and unique credentials, and closely monitor for suspicious messages or login alerts. Reviewing connected applications and watching for unauthorized access attempts is also recommended.
Instagram and Meta has not issued an official statement addressing the incident or outlining mitigation measures. Cybersecurity analysts continue to investigate the source of the data exposure to determine whether it originated from a weakness within Instagram’s infrastructure or through a third-party service.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
