Instagram — 6.2M accounts
Severity: Medium · Kind: Data breach
We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.
From the source
In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum . The dataset contained 17M rows of public Instagram information, including usernames, display names, account IDs, and in some cases, geolocation data. Of these records, 6.2M included an associated email address, and some also contained a phone number. The scraped data appears to be unrelated to password reset requests initiated on the platform , despite coinciding in timeframe. There is no evidence that passwords or other sensitive data were compromised.
Breach facts
- Accounts affected
- 6,215,150
- Verified
- Yes
- Sensitive
- No
- Domain
- instagram.com
- Data exposed
- Display namesEmail addressesGeographic locationsPhone numbersUsernames
Was this useful?
Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.