JAKARTA - The problem of data theft is now haunting Instagram users. Based on a report from the cybersecurity company Malwarebytes, millions of user data leaked to the dark web after an email requesting an Instagram password reset circulated.
Temuan Malwarebytes, sebagaimana dilansir melalui 9to5mac, mencatat bahwa data pribadi ini berasal dari 17,5 juta pengguna. Informasi sensitif yang dijual oleh penjahat siber di dark web ini terjadi dari nama pengguna, alamat fisik, nomor telepon, hingga alamat email yang masih aktif.
The data leak that occurred in the midst of this massive password reset request was denied by Instagram. In a post uploaded on X, formerly known as Twitter, Instagram said that they did not find a breach as many users feared.
"We have fixed an issue that allowed external parties to submit password reset emails for some people. There was no breach of our systems and your Instagram account is safe," Instagram wrote, quoted on Tuesday, January 13.
This rebuttal shows that data leaks do not occur because cybercriminals have managed to penetrate Instagram's defenses. According to Malwarebytes, this data leak is most likely related to a vulnerability in the Instagram API system that was detected since 2024.
Although Instagram denied data leaks, Instagram reminded users not to click on links in password reset emails they receive. Security experts also warned of the same thing so that users are not trapped by phishing attacks.
You can only tap the email link related to Instagram if you are the one who filed a reset or other complaint first. You can also tap the link if the email you received is indeed official from the company. Be sure to check the email first.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
