Data from 17.5 million Instagram users has reemerged online following an incident in 2024.

Data from 17.5 million Instagram users has reemerged online following an incident in 2024.

      Instagram's 2024 data breach has resurfaced, creating a new wave of concern.

      A significant cache of Instagram user information has reemerged, potentially affecting millions of accounts over a year after the original leak was assumed to be resolved.

      Approximately 17.5 million accounts are impacted by this revival, following the data's circulation on a notorious hacking forum in early January 2026. A security notification from Malwarebytes identifies a hacker known as “Solonik” as the source of the leak. Although this appears to be a fresh breach, experts assert that the data originated from a misconfigured Instagram API in 2024, which enabled malicious actors to extract extensive profile information before Meta could address the vulnerability.

      When the incident first occurred, attackers managed to extract data discreetly for several months. The database eventually disappeared from the dark web, but its return underscores a frustrating aspect of the digital era: once your information is exposed, it remains accessible indefinitely.

      The resurfaced “doxxing kit” is particularly alarming due to its comprehensive nature. It contains not just usernames, but also full names, email addresses, phone numbers, and even residential addresses. This information is a treasure trove for cybercriminals, facilitating highly targeted attacks over generic spam. Malwarebytes has reported an increase in scammers posing as Instagram support to trick individuals into revealing their login details.

      A particularly clever tactic employed in this attack involves password reset scams. Instead of sending a suspicious-looking email, hackers trigger legitimate password reset requests from Instagram's servers. Users receive authentic emails from a “meta.com” or “instagram.com” address, causing panic that someone has accessed their account. In this state of confusion, they are more likely to succumb to subsequent phishing texts or calls.

      As of January 11, 2026, Meta has not publicly addressed the situation.

      While the primary effects have been observed in Europe thus far, the threat is worldwide, especially for anyone using the same password for Instagram as they do for their bank or email accounts.

      Security experts provide straightforward, essential advice: change your password immediately, ensure it is distinct, and enable two-factor authentication (preferably through an app rather than SMS). This latest leak serves as a stark reminder that even if a company rectifies a vulnerability, the data compromised may resurface unexpectedly.

      Moinak Pal has been actively reporting in the technology field, focusing on both consumer tech and automotive innovations.

      This Chrome extension enhances the usability of your X feed, eliminating the need to click on profiles just to determine someone's location.

      Recently, X added a “Based in” feature that displays a profile's location. Following this development, independent developer Rhys Sullivan created a Chrome extension that visually represents these profile tags as small national flags directly within the feed, allowing users to see an account's country without needing to visit the profile. The extension achieves this by accessing X's API endpoints from the browser while logged in, identifying usernames on the feed page and utilizing X's GraphQL AboutAccountQuery to retrieve the account_based_in data.

      Check out this new social app that enables you to spoil your favorite TV shows and books.

      Do you desire a safe space to discuss that latest episode? Phictly allows you and your friends to share the pace.

      Do you recall how the internet used to feel? That sense of discovering a small community where others shared your obsession for a particular show?

      Meta is facing scrutiny again over claims that it suppressed research indicating Facebook usage negatively affects user well-being.

      Recent court documents outline allegations that Meta concealed its own study on the mental health effects of Facebook. An unredacted legal filing has emerged, stating that Meta initiated an internal investigation named Project Mercury back in 2019.

Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024. Data from 17.5 million Instagram users has reemerged online following an incident in 2024.

Other articles

Chinese scientists have developed a high-voltage sodium-sulfur battery that may compete with lithium batteries. Chinese scientists have developed a high-voltage sodium-sulfur battery that may compete with lithium batteries. A group of researchers in China has recently unveiled a new design for sodium-sulfur batteries that could significantly alter the calculations surrounding energy storage. By embracing the unique chemistry that has traditionally posed challenges for engineers, they have successfully created a cell that is remarkably inexpensive to produce […]

Data from 17.5 million Instagram users has reemerged online following an incident in 2024.

Previously collected Instagram user data has reemerged, facilitating credible phishing and account takeover efforts, highlighting the enduring dangers of exposed personal information.