Meta AI Support Exploit Enables Instagram Account Takeovers
Hackers used Meta’s AI support chatbot to add attacker-controlled emails and reset Instagram passwords; Meta patched the flaw on May 29 and said it is securing impacted accounts.
The GuardianHackers trick Meta AI support bot to infiltrate Obama White House Instagram account
GizmodoHackers Tricked Meta AI Into Handing Out Access to Major Instagram Accounts
ARS TechnicaHackers duped Meta AI support chatbot to steal celebrity Instagram accounts
The VergeMeta’s own AI was exploited to hijack Instagram accounts
TechCrunchHackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access | TechCrunch
Overview
Meta said it resolved the issue and secured impacted accounts after an emergency patch on May 29.
Hackers persuaded Meta’s AI support chatbot to add attacker-controlled emails and used verification codes to reset Instagram passwords while spoofing victims’ regions with VPNs, security researchers said.
On May 31, researcher ZachXBT posted that the AI support allowed password resets without two-factor authentication by not verifying requesters.
High-profile targets included the Obama-era White House account, Sephora, and the U.S. Space Force chief master sergeant, and one report said the exploit dated back to February and may have compromised thousands.
Researchers are continuing to analyze the exploit’s mechanics while Meta investigates and secures accounts, and it remains unclear exactly how many users were impacted.
Analysis
Center-leaning sources frame the incident as a preventable security failure and a sign of growing AI risk, highlighting high-profile account takeovers and Meta operational lapses. Editorial choices prioritize alarm through vivid examples and speculative links to broader AI threats while relying on sourced quotes for dramatic claims rather than definitive evidence.