A breach of Instagram data exposed 6.2M records, focusing on public information and user contact details.
- Records exposed
- 6,215,150 records
- Breach date
- Breach Jan 7, 2026
- Last update
- Updated Jan 11, 2026
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In January 2026, scraped Instagram account data was circulated on a public hacking forum. The data, obtained through a claimed API scraping method, comprised approximately 17 million user accounts, with 6.2 million records containing email addresses and some including phone numbers. These records also included details like usernames, display names, and geolocations but excluded account passwords. The breach reportedly occurred concurrently with unrelated password reset events on the platform.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Users' public profiles and contact data were leaked.
- Business Impact
- The incident raised privacy concerns and platform credibility issues.
- Affected Sectors
- Social Media Platforms
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Be cautious of phishing attempts leveraging disclosed email addresses.
- •Regularly update your email account security settings.
Preventive Measures
- •Implement multi-factor authentication for additional security.
- •Be mindful of the permissions granted to third-party applications.
Frequently Asked Questions
Common questions about this breach and what it means for you.