13:26
India weighs cybersecurity rules that could force phone makers to share source code
11:56
Steam breaks its own record with over 42 million concurrent users
16:48
Italy fines Cloudflare €14.2M for refusing to block pirate sites via 1.1.1.1
14:35
Data breach exposes 17.5 million Instagram accounts
17:30
Apple may launch its first foldable iPhone as early as September
18:00
X could face a UK ban over Grok-generated explicit deepfakes
13:26
India weighs cybersecurity rules that could force phone makers to share source code
11:56
Steam breaks its own record with over 42 million concurrent users
16:48
Italy fines Cloudflare €14.2M for refusing to block pirate sites via 1.1.1.1
14:35
Data breach exposes 17.5 million Instagram accounts
17:30
Apple may launch its first foldable iPhone as early as September
18:00
X could face a UK ban over Grok-generated explicit deepfakes
13:26
India weighs cybersecurity rules that could force phone makers to share source code
11:56
Steam breaks its own record with over 42 million concurrent users
16:48
Italy fines Cloudflare €14.2M for refusing to block pirate sites via 1.1.1.1
14:35
Data breach exposes 17.5 million Instagram accounts
17:30
Apple may launch its first foldable iPhone as early as September
18:00
X could face a UK ban over Grok-generated explicit deepfakes
13:26
India weighs cybersecurity rules that could force phone makers to share source code
11:56
Steam breaks its own record with over 42 million concurrent users
16:48
Italy fines Cloudflare €14.2M for refusing to block pirate sites via 1.1.1.1
14:35
Data breach exposes 17.5 million Instagram accounts
17:30
Apple may launch its first foldable iPhone as early as September
18:00
X could face a UK ban over Grok-generated explicit deepfakes
Cybersecurity firm Malwarebytes has confirmed a data breach affecting 17.5 million Instagram accounts.
According to the company, the database is already being distributed for free on hacker forums, including BreachForums, where it was published on January 7, 2026, by a user known as “Solonik.”
Early warning signs appeared in early January, when users on the r/Instagram subreddit began reporting suspicious emails requesting password resets. The leaked dataset reportedly includes usernames, phone numbers, email addresses, and partial physical addresses.
Cyberinsider, citing Malwarebytes researchers, suggests the breach may stem from a vulnerability in Instagram’s public API dating back to 2024. While the exact attack vector has not been confirmed, the structure of the leaked data, including JSON fields and profile metadata, points to an API-related exposure or a connected third-party service.
Malwarebytes warns that the stolen data is already being used for phishing campaigns and account takeover attempts via password recovery mechanisms. Some users have received official password reset notifications from Instagram.
The company recommends that users check whether their data has been compromised using the Digital Footprint tool, change their passwords, and enable two-factor authentication to reduce the risk of account compromise.
Instagram later denied the breach and said it had fixed an issue that caused some users to receive password reset emails.
Editor’s pick
