A new data breach has reportedly exposed the personal information of 17.5 million Instagram users, raising fresh concerns about account security on Meta’s platforms. According to cybersecurity firm Malwarebytes, the leaked data includes usernames, email addresses, phone numbers, physical addresses, and other sensitive details.

The stolen data is already being offered on the dark web. This means that the cybercriminals might be actively using it for scam activities. According to Malwarebytes, it found that the data breach occurred during its regular scan on the dark web, which it associated with a potential exposure of the Instagram API back in 2024.
Since the breach, users have also reported receiving unexpected password reset notifications on Instagram. It has been advised that users not respond to password reset notifications that were not requested. To remain secure, users can and should change their passwords and enable two-factor verification; they should not reuse their passwords. Meta has not yet publicized a statement regarding this issue, and it is still unknown how users can be notified about their situation.

Meanwhile Grok gets banned. Pucha! Its crickets at DICT and NTC.