Instagram asked millions to reset passwords, but Meta says it was just a bug

Millions of Instagram users received password reset emails this week, initially raising fears of a new data breach involving 17.5 million accounts with leaked personal information including usernames, addresses, and phone numbers. Meta clarified the emails resulted from an API bug that allowed mass password resets rather than an actual breach, and security researchers believe the circulating data likely stems from previous incidents in 2017 or 2022, not a new attack.