top of page
Search

Instagram Password Reset?

Got an Instagram password reset email out of the blue? Here’s the lowdown.

If you’ve glanced at your inbox lately and seen a random email from Instagram asking if you want to reset your password, you’re definitely not the only one. Loads of people across the UK and beyond have been getting these over the last week.

The email usually looks something like this: “Hi [Username], we got a request to reset your Instagram password. If you ignore this message, your password won't be changed.”

If you didn’t actually ask for a reset, it’s enough to make you a bit twitchy. So, what’s actually going on?

Is it a hack?

Right around the same time these emails started flying about, a hacker going by the name ‘Solonik’ claimed to be selling a database on the Dark Web containing info on about 17 million Instagram users.

This data apparently includes things like:

  • Usernames and full names

  • Email addresses and mobile numbers

  • General locations

The good news: There are no passwords in that data dump.

The official word: Instagram (or Meta, if we’re being posh) has denied the two things are linked. They reckon they’ve fixed a glitch that let someone "spray" password reset requests to a bunch of accounts. Even if it was just a technical bug, it’s still a bit of a nuisance.

How to stay safe (without losing your head)

Scammers love a bit of chaos. Even if the original emails were a glitch, you can bet your life that fraudsters will start sending fake reset emails to try and nick your login details while everyone is already on edge.

Here’s how to handle it:

  1. Ignore the email: If you’ve got Two-Factor Authentication (2FA) turned on (and you really should), you can just bin the email. Your account is safe.

  2. Don’t click the links: If you’re worried and actually want to change your password, do not click the link in the email. Go directly into the Instagram app on your phone or type instagram.com into your browser yourself. That way, you know you’re not on a dodgy fake site.

  3. Check your logins: Since Meta owns everything these days, it’s worth checking your active sessions on Facebook and WhatsApp too. If you see a login from a town you’ve never visited or a device you don’t own, boot them out and change your details.

  4. Turn on 2FA: If you haven't done it yet, do it now. It’s the best way to stop someone getting in, even if they somehow manage to get hold of your password.

The bottom line: Don't panic, but don't be complacent either. Keep an eye on your inbox, stay off the suspicious links, and you'll be grand

 
 
bottom of page