Instagram Data Leak: 17.5 Million Users' Phone Numbers and Locations Exposed on Dark Web; Avoid Password Reset Emails

If you also use Instagram, then pause for a moment and take a look at your security settings… the news is a bit worrying. Reports are coming in that data of approximately 1.75 crore (17.5 Million) Instagram users worldwide has been leaked. And the fear is not just that your account might be hacked, but the threat is much bigger because this time the leak includes very private information like your location and mobile number.

What is the whole matter?

In the unseen world of the internet, the Dark Web, a database is being sold. According to a report by cybersecurity firm Malwarebytes, a hacker named 'Subkek' has claimed to possess the latest data of millions of Instagram users. It is being reported that this data was stolen or scraped in the last three months of 2024.

Is it not just about passwords?

Often we think that if data is leaked, we will just change the password and be done with it. But this time the matter is a bit serious. The leaked data includes users' usernames, email IDs, phone numbers, and parts of their physical addresses (location).

Now imagine, if a fraudster has your real name, phone number, and information about where you live, what kind of fraud can they commit against you? In technical terms, this is called identity theft or phishing. Hackers can use this information to send you messages that look legitimate, which you might trust and fall victim to fraud.

The Password Reset Trap

The impact of this leak is now becoming visible. Many users are complaining that they are repeatedly receiving "Reset your password" emails from Instagram.

Here, hackers are employing a trick. They know that you will be scared by the news of the data leak. Therefore, they are sending system-generated requests. This email is not fake; it comes from Instagram itself, but the request is initiated by the hacker.

As soon as you click on that link in panic or enter your information, the hacker gets an opportunity to breach your account. The FBI and cyber experts have clearly stated, "If you have not requested a password change yourself, then ignore such emails immediately. Do not click on any links."

Secure Your Instagram Account Like This

There is no need to panic; it's time to show a little common sense. To make your account as strong as iron, turn on a small setting today. This is called Two-Factor Authentication (2FA).

This is like a second lock on your house door. To turn it on, follow the simple steps given below.

• Go to your Instagram profile and tap on the three lines (Menu).
• Go to Settings and privacy, and then select Accounts Center.
• Click on Password and security there and turn on Two-factor authentication.

This will ensure that even if someone knows your password, they will not be able to access your account because they will not have the OTP that will come to your mobile number or WhatsApp.