The internet was in a constant state of frenzy over the past few days as Instagram users received suspicious password change emails; however, the Meta-owned photo and video-sharing platform has denied falling prey to any breaches.
The purported, suspicious-looking password reset emails caused fears of a big-scale hack.
Directly addressing the situation on Sunday, the company noted that the influx of emails was a technical glitch, not a cyberattack.
Was Instagram users’ data really stolen?
This official denial is in direct contradiction with earlier reports, as antivirus software company Malwarebytes on January 9 shared a concerning update on Bluesky, claiming that cybercriminals successfully stole sensitive information from 17.5 million Instagram accounts.
As per the antivirus company, this compromised data includes usernames, physical addresses, phone numbers, and email addresses. The Bluesky post also warned that this data is available for sale on the dark web and is likely to be abused by cybercriminals.
Why instagram sent password reset emails?
Notwithstanding such grave allegations, Instagram, in a post on X, clarified that user data is safe, while admitting that they fixed an issue that allowed an external party to request password reset emails for some people.
The Meta-owned platform did not provide specific details about this external party or the nature of the issue; instead, it simply advised users to disregard the notifications.