Instagram Data of 17.5 Million Users Reappears Online After 2024 Leak

Image Credit: Unsplash

Instagram’s massive 2024 data exposure has unexpectedly resurfaced, putting millions of users back at risk long after the original incident was believed to be resolved.

A large collection of Instagram user information has once again started circulating online, reigniting concerns about privacy and account security. The dataset reportedly contains details linked to around 17.5 million accounts and appeared on a well-known hacking forum in early January 2026. Security researchers say the information traces back to a flaw discovered in 2024 that allowed attackers to scrape public and semi-private profile data before the issue was patched.

According to a recent alert shared by cybersecurity firm Malwarebytes, the resurfaced data was posted by an individual using the alias “Solonik.” While the leak may look like a fresh breach at first glance, analysts confirm the data originates from an earlier mistake involving a misconfigured Instagram API. That flaw made it possible for bad actors to quietly collect user information over an extended period before Meta stepped in to shut it down.

When the database initially disappeared from underground forums, many assumed the threat had passed. Its reappearance highlights a harsh reality of modern data leaks: once personal information escapes into the wild, it can resurface at any time.

The newly circulated dataset is especially concerning due to the level of detail it contains. In addition to usernames, the records reportedly include real names, email addresses, phone numbers, and even physical home addresses. This kind of information gives scammers and cybercriminals far more leverage than typical spam lists, enabling them to craft highly targeted attacks that feel legitimate.

Security teams are already seeing an increase in scam attempts tied to the leak. Malwarebytes reports a surge in fake messages posing as official Instagram support communications, designed to trick users into revealing login credentials or clicking malicious links. These scams often feel convincing because they rely on real personal data rather than generic messaging.

One particularly effective tactic linked to this leak involves abusing Instagram’s own password recovery system. Instead of sending obviously fake emails, attackers are triggering real password reset requests through Instagram’s servers. Victims then receive legitimate emails from addresses ending in “meta.com” or “instagram.com,” which creates panic and lowers suspicion. In that moment of urgency, users may be more likely to respond to follow-up phishing texts or phone calls that attempt to steal account access.

While much of the early impact appears to be concentrated in parts of Europe, experts warn that the risk is global. Anyone whose data was included in the original 2024 scrape could still be vulnerable, especially users who reuse passwords across multiple platforms. If the same password protects an Instagram account and a banking or email account, the potential fallout becomes far more serious.

As of January 11, 2026, Meta has not issued a public statement addressing the resurfaced data. The silence has left many users relying on advice from independent security professionals rather than official guidance.

Cybersecurity experts continue to stress the importance of basic but critical account hygiene. Users are strongly encouraged to change their Instagram passwords immediately, ensure those passwords are unique, and enable two-factor authentication using an authenticator app rather than SMS when possible. Additional guidance on protecting accounts from similar threats can be found in broader discussions around recent security breaches affecting major platforms.

This incident also serves as a reminder that data leaks rarely end when a vulnerability is fixed. Even long after a flaw is closed, the information collected during that window can continue to circulate, fueling scams and identity abuse years down the line.

With phishing techniques becoming more sophisticated and attackers leveraging legitimate systems to appear trustworthy, staying alert has never been more important. Resources explaining common password reset scams can help users recognize warning signs before it is too late.
