Meta insists systems were never breached, calling the issue a password reset glitch as users worry about privacy and phishing risks.

Continue reading
Instagram is at the center of a heated security debate after reports surfaced that data linked to roughly 17 million accounts appeared online on hacking forums. The dataset reportedly includes usernames, phone numbers, email addresses, and even physical addresses for millions of users. These claims sparked fresh fear about a large-scale breach affecting one of the world’s biggest social platforms.
Meta, Instagram’s parent company, has pushed back strongly against the idea that its systems were hacked. In an official statement, the company said it resolved a bug that allowed an external party to trigger mass password reset emails and assured users there was no breach of internal systems. Accounts, Meta insists, remain secure, and users should ignore unsolicited password reset emails.
The uproar began when cybersecurity firm Malwarebytes warned customers that a dataset allegedly tied to Instagram accounts was circulating freely on dark web forums. The leaked records, if legitimate, could be used for phishing, smishing (text-based phishing), or social engineering attacks, even though no passwords were included.
Even as Meta maintains that there was no breach, reports of unexpected password reset requests and unverified accounts of exposed personal information have left users uneasy. Some cybersecurity watchers speculate that the dataset may be a compilation of older scraped data rather than evidence of a fresh hack, but there’s no definitive proof either way.

DHS confirms a breach of its HSIN intelligence-sharing network during World Cup security operations; a senator warns of national security risk