The company stated that the incidents were caused by an external party exploiting a now-patched vulnerability that allowed unauthorized password reset requests without compromising user accounts.
The social media platform emphasized that user accounts remain secure and that unexpected reset emails can be safely disregarded.
This statement comes in the wake of a significant data leak affecting approximately 17.5 million Instagram accounts, with sensitive information including usernames, email addresses, phone numbers, and partial location details being advertised on dark web forums.
In an official statement, Instagram acknowledged that it had “fixed an issue that let an external party request password reset emails for some people.”
The company stressed there was “no breach of our systems” and reassured users that their Instagram accounts “are secure.”
The flaw did not allow attackers to change passwords or gain unauthorized access; instead, it enabled threat actors to trigger legitimate password reset emails as a harassment or social engineering tactic.
Instagram advises users to ignore any unsolicited password reset emails received during this period.
Security experts recommend implementing additional protective measures, including enabling two-factor authentication, using strong, unique passwords, and remaining vigilant against phishing attempts that reference recent security incidents to appear legitimate.
The timing of this vulnerability disclosure, alongside the emergence of the 17.5 million-record dataset, has raised concerns that threat actors may have leveraged the leaked contact information to target specific users.
While Instagram maintains that its core infrastructure was not compromised, security professionals warn that the combination of large-scale data scraping and platform vulnerabilities poses significant risks to users.
The incident underscores the importance of multi-layered security practices and the risks posed by exposed personally identifiable information circulating on cybercrime forums.
Users are encouraged to review their account security settings and monitor for suspicious activity.
Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.
The post Instagram Confirms No System Breach, Resolves External Party Password Reset Issue appeared first on Cyber Security News.
Teenage Sex and Death at Camp Miasma will premiere in theaters on August 7. This…
Hyrule Warriors: Age of Imprisonment is a Switch 2-exclusive that was released in November of…
Since its release in 1997, Mortal Kombat: Annihilation’s place in the annals of video game…
Netflix has confirmed that it is developing Grown Ups 3 with Adam Sandler, over a…
Netflix has another big-budget comic book adaptation in the works, with the streamer giving a…
WASHINGTON, (WOWO) — U.S. Sen. Todd Young (R-Ind.) is part of a group of senators…
This website uses cookies.