Instagram Denies Data Breach Despite Users' Password Reset Requests

TEMPO.CO, Jakarta - Instagram has asserted that there has been no security breach, despite some users receiving suspicious password reset requests. The company emphasized that its system has not been compromised and that the incident was not caused by any data leakage.

This statement comes amid rising concerns after cybersecurity company Malwarebytes shared a screenshot of an email from Instagram notifying a password reset request. The screenshot was posted on the Bluesky platform last Friday.

In its post, Malwarebytes claimed that cybercriminals had stolen sensitive information from 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and other personal data.

The company also stated that the data was being offered for sale on the dark web and could be exploited by criminals, sparking speculation of a large-scale breach.

Instagram, however, denied these claims and provided clarification through a post on X, saying that it had "fixed an issue that let an external party request password reset emails for some people," as reported by TechCrunch on January 11, 2026.

The company did not provide further details about who these external parties were or the technical specifics of the issue, instead reassuring users that no further action was required.

In conclusion, Instagram advised, “You can ignore those emails — sorry for any confusion.”

Read: BMKG: New Moon on Jan. 19 May Trigger Coastal Floods in Indonesia

Click here to get the latest news updates from Tempo on Google News