嗯,用户让我帮忙总结一篇文章,控制在100字以内,而且不需要用“文章内容总结”这样的开头。首先,我需要仔细阅读文章内容,抓住关键信息。 文章主要讲的是Instagram发生了大规模的数据泄露事件,影响了1750万用户。泄露的数据包括用户名、住址、电话号码和邮箱地址。这个数据包被卖到网络犯罪论坛上,被称为“doxxing kit”,还包含了用户的物理地址,这比之前的泄露更严重。 此外,从1月10日开始,有百万用户收到了密码重置邮件,这引发了用户的困惑和对全球网络攻击的担忧。安全专家认为这是一个严重的隐私泄露,并且数据可能已经在暗网上流通了。 建议用户采取的措施包括不要点击密码重置邮件,通过应用重置密码,启用基于应用的双重认证,并检查第三方应用权限。 总结的时候要简洁明了,涵盖泄露的规模、数据内容、影响以及建议措施。确保在100字以内,并且直接描述内容。 </think> Instagram发生大规模数据泄露事件,约1750万用户信息被窃取并出售,包括用户名、住址、电话号码和邮箱地址等敏感信息。此次泄露可能结合了外部数据库信息,并使用户面临身份盗窃、勒索等风险。受影响用户已收到密码重置邮件,专家建议启用双重认证并检查第三方应用权限以应对潜在威胁。 2026-1-10 21:26:39 Author: securityaffairs.com(查看原文) 阅读量:9 收藏
A massive breach exposed data of 17.5M Instagram users
A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online.
A major data breach has exposed the personal data of about 17.5 million Instagram users, Malwarebytes Labs researchers warn. Exposed data includes usernames, physical addresses, phone numbers, and email addresses,.
Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and more. pic.twitter.com/LXvjjQ5VXL
— Malwarebytes (@Malwarebytes) January 9, 2026
Since January 10, 2026, a million users have received password reset emails, sparking confusion and fears of a global cyberattack. Security experts warn this is a serious privacy breach with real-world risks, and affected data may already be circulating on the dark web.
The researchers found a sensitive database for sale on a cybercrime forum, described as a “doxxing kit” affecting nearly 18 million Instagram users. Unlike past data scrapes, this leak includes physical home addresses linked to Instagram user IDs.
The stolen data likely didn’t come from Instagram profiles alone, attackers may have combined Instagram user IDs with data from external databases, such as marketing lists, data brokers, e-commerce platforms, or leaked customer records, to match usernames with real names and home addresses.
By linking online identities to physical addresses, the threat goes beyond spam or account takeovers. It enables stalking, swatting, extortion, and identity theft, turning a digital privacy breach into a potential real-world safety risk.
“The data is not just sitting idle. Reports indicate that portions of the 17.5 million record database are being auctioned on illicit marketplaces.” reported the website The Cybersec Guru. “The data is reportedly being sold in “batches” sorted by region and follower count, making influencers and high-profile business accounts primary targets.”
Instagram users should act now and assume possible exposure. Researchers recommend avoiding clicking password reset emails, resetting your password only via the app, and verify emails using Instagram’s official email log to spot phishing. Enable app-based two-factor authentication, preferring avoid SMS 2FA. Finally, review and remove unknown or unused third-party app permissions, which may have contributed to the breach.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data leak)
如有侵权请联系:admin#unsafe.sh