alt Hacker NewsThis news answers a bunch of questions I’ve had.
I’ve got an Instagram burner I literally never use. Never clicked weird links, never logged in anywhere sketchy, so a phishing compromise makes zero sense. If my info got out, it likely came from Instagram’s side, not mine.
What’s interesting is the timing pattern. I started getting “reset your password” emails in early 2023, then they’d come in waves. It feels like the creds were getting resold and different people were taking turns running the same list. The emails were in different languages too, which tracks with whoever was firing off the requests.
Got another reset attempt a couple days ago. Congrats to the latest buyer: you bought pure schwag. Whatever value was in that list got milked long before it ended up public.
Replies
>Congrats to the latest buyer: you bought pure schwag. Whatever value was in that list got milked long before it ended up public.
Nobody is buying your account specifically, they're buying it bulk. At that scale the fact that a percentage of accounts are fake/burner/bots is baked whatever the buyer is expecting. If anything, the bigger issue is bot accounts, not random privacy-oriented people's burner accounts.
Instagram password reset can start from an email address.
> If my info got out, it likely came from Instagram’s side, not mine.
Did you use a burner email account to register? An account that was never used for anything else?