Instagram has confirmed it recently fixed an issue that allowed an external party to request password reset emails for some users.
In a statement posted on X (formerly Twitter) on January 10, the company said there was no breach of its systems and that Instagram accounts remain secure. The company added that users who received the emails can safely ignore them and apologized for any confusion caused.
We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems and your Instagram accounts are secure.
— Instagram (@instagram) January 11, 2026
You can ignore those emails — sorry for any confusion.
Some users reported receiving password reset notifications despite not requesting a reset, prompting questions about account security. Instagram said the issue has been resolved and emphasized that no user accounts were compromised as a result.
As a general precaution, users are advised to be cautious with unsolicited emails and avoid clicking unexpected links. Any password changes should be made directly through the Instagram app. Enabling two-factor authentication (2FA) and reviewing recent login activity can provide additional account protection.
Leave a Reply