A threat actor has allegedly scraped 489 million lines of Instagram user data, including sensitive information, which is now reportedly being sold on the dark web.
DarkWebInformer’s official X account revealed the alarming incident, raising concerns over the scale and potential impact of the breach.
The compromised data includes many user details, such as usernames, email addresses, follower counts, following counts, and other personal information.
Build an in-house SOC or outsource SOC-as-a-Service -> Calculate Costs
While Instagram or its parent company, Meta, have not officially confirmed this, the threat actor claims the data trove is being offered for sale, sparking fears of its potential misuse for phishing attacks, identity theft, or other malicious purposes.
According to the report, the data leak does not include passwords or direct messages, but cybercriminals could still leverage the exposed personal information for targeted attacks.
The staggering number of affected users raises concerns for individual privacy and businesses and influencers who rely heavily on Instagram for their online presence.
This incident follows a growing data scraping trend in which automated bots gather publicly available information from social media platforms on a massive scale.
While scraping does not involve direct hacking or breaching secure databases, it still poses significant security risks, especially when data is aggregated and sold for malicious use.
Experts advise Instagram users to remain vigilant, especially regarding phishing attempts that may arise from this leaked information.
Users are encouraged to enable two-factor authentication (2FA), review their privacy settings, and be cautious of unsolicited emails or messages.
As the situation unfolds, cybersecurity experts call for stricter measures to prevent similar incidents and protect user data on social media platforms.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague…
A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories…
A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with a…
In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages…
In a recent technical investigation, researchers uncovered critical insights into the infrastructure linked to a…