Hackers exploited a critical vulnerability in Meta’s AI Support Assistant to hijack Instagram accounts by altering email addresses without requiring identity verification. The flaw allowed attackers to bypass standard account recovery protocols, enabling unauthorized access to user accounts. Multiple independent sources confirmed that the AI chatbot was manipulated to transfer control of high-profile accounts, including those belonging to the Obama White House, Sephora, and a senior US Space Force official.
Meta responded by deploying an emergency patch after attackers used the vulnerability over the weekend. However, users reported continued account losses even after the fix was implemented, suggesting the flaw’s impact extended beyond initial mitigation efforts. Attackers reportedly used virtual private networks (VPNs) to mimic the geographic location of target accounts, complicating detection and attribution of the breaches.
The AI chatbot, designed to replace human support agents for routine account recovery tasks, lacked the verification mechanisms that would normally confirm a user’s identity before a password reset or email change. This oversight created a critical gap in Meta’s security infrastructure, allowing attackers to drive the automated system without ever encountering the traditional safeguards. Cybersecurity experts noted that the chatbot was integrated with Meta’s broader account management systems but did not enforce multi-factor authentication or biometric checks for these sensitive operations.
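To make the gap described above concrete, here is an added example (not Meta’s code) of a policy gate that sits between an AI support assistant’s tool calls and the account-changing operations behind them: a sensitive action runs only when the chat session owns the target account and a fresh step-up (MFA) proof is bound to that same account, and a geographic match is deliberately not treated as evidence of identity. The action names, the five-minute freshness window and the `StepUpProof` shape are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional
import time

# Actions that change who controls the account; they must never run on the
# strength of a conversational claim alone.
SENSITIVE_ACTIONS = {"update_email", "reset_password"}
STEP_UP_MAX_AGE_S = 300  # assumed policy: a fresh MFA proof is valid for 5 minutes

@dataclass
class StepUpProof:
    account_id: str   # account the MFA challenge was completed for
    method: str       # e.g. "totp" or "passkey"
    issued_at: float  # unix time the challenge was passed

@dataclass
class ToolRequest:
    action: str
    account_id: str                 # account the assistant wants to modify
    session_user: str               # account authenticated in the chat session
    geo_match: bool = False         # request region matches the account's usual one
    step_up: Optional[StepUpProof] = None

@dataclass
class ToolGate:
    audit: list = field(default_factory=list)

    def allow_unverified(self, req: ToolRequest) -> bool:
        return True  # the reported failure mode: no identity check at all

    def allow(self, req: ToolRequest, now: Optional[float] = None) -> bool:
        now = time.time() if now is None else now
        if req.action not in SENSITIVE_ACTIONS:
            return True
        reasons = []
        if req.session_user != req.account_id:
            reasons.append("session does not own the target account")
        proof = req.step_up
        if proof is None:
            reasons.append("no step-up verification completed")
        elif proof.account_id != req.account_id:
            reasons.append("step-up proof is bound to a different account")
        elif now - proof.issued_at > STEP_UP_MAX_AGE_S:
            reasons.append("step-up proof is stale")
        # geo_match is deliberately not consulted: a VPN can make the request
        # appear to come from the account's usual region.
        allowed = not reasons
        self.audit.append({"action": req.action, "account": req.account_id,
                           "allowed": allowed, "reasons": reasons})
        return allowed
```

Every denied sensitive request lands in `audit` with its reasons, which is the record a detection team would alert on when an assistant repeatedly asks to change emails on accounts its session does not own.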
The incident underscores growing risks associated with AI-driven customer support tools when deployed without robust security layers. While Meta has since patched the flaw, the breach raises questions about the adequacy of automated verification processes in protecting user data. The vulnerability has drawn scrutiny from cybersecurity experts, who warn that similar flaws could be exploited across platforms relying on AI for account management. As social media companies increasingly adopt chatbots to handle support requests, this case highlights the urgent need for stricter identity validation protocols in automated systems.