Hackers exploited Meta’s AI chatbot to hijack Instagram accounts

Instagram has fixed a security vulnerability that allowed hackers to take over user accounts by manipulating Meta’s AI-powered support chatbot. The attack exploited the automated system to bypass normal security protections and gain unauthorized access to accounts.

The security breach highlights growing concerns about AI systems in customer support roles and their potential vulnerabilities. As companies increasingly deploy chatbots to handle account recovery and support functions, this incident shows how these automated systems can become attack vectors when not properly secured.

Over the weekend, multiple users on Reddit and X reported their Instagram accounts had been compromised. High-profile targets included the Obama-era White House Instagram account and the account of U.S. Space Force Chief Master Sergeant John Bentivegna. Security researcher Jane Wong also confirmed her account was taken over, describing how “the password got changed without my knowledge and I was getting different password reset attempts.”

A video posted on social media revealed the step-by-step attack method. The process involved several key steps:

  • Using a VPN to spoof the target’s location and avoid triggering automated security alerts
  • Opening a chat with Meta’s AI Support Assistant
  • Requesting the bot to add a new email address to the victim’s account
  • Receiving a verification code at the attacker’s email address
  • Sharing this code with the chatbot to trigger a password reset option
  • Setting a new password to complete the account takeover

The attack’s effectiveness stemmed from a critical flaw: hackers never needed to compromise the victim’s legitimate email address. Instead, they could simply provide their own email and receive verification codes directly from Meta’s system. This bypassed the fundamental security assumption that only legitimate account owners would have access to their registered email addresses.
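To make the flaw concrete from the defender's side, the following is an added illustration, not Meta's or Instagram's code and not a description of their internal systems. It models two versions of an "add a contact email" recovery step: a weak one that mirrors the behaviour described above (the verification code is sent to whatever address the requester supplies, and a confirmed code unlocks a password reset), and a hardened one in which proof of control must come from the address already on file, the code is bound to the account and the requested change, expires, is single-use, and confirming an email change grants no reset on its own. All names, the in-memory outbox, and the 10-minute lifetime are constructed assumptions.

```python
"""Constructed illustration of a weak vs. hardened contact-email change flow."""
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Account:
    user_id: str
    registered_email: str


class Outbox:
    """Constructed stand-in for an email sender: records (recipient, code) pairs."""
    def __init__(self):
        self.sent = []

    def send(self, recipient, code):
        self.sent.append((recipient, code))

    def inbox(self, address):
        return [code for to, code in self.sent if to == address]


def _new_code():
    return f"{secrets.randbelow(10**6):06d}"


class WeakRecovery:
    """Weak pattern: the code goes to the address the requester supplies, and a
    matching code is treated as proof of ownership that unlocks a password reset.
    Whoever can ask for the change receives the code."""
    def __init__(self, outbox):
        self.outbox = outbox
        self.codes = {}  # user_id -> code

    def request_add_email(self, acct, new_email):
        code = _new_code()
        self.codes[acct.user_id] = code
        self.outbox.send(new_email, code)  # sent to the unverified new address

    def confirm_and_allow_reset(self, acct, code):
        # Plain equality on the code; nothing ties the requester to the account.
        return self.codes.get(acct.user_id) == code


class HardenedRecovery:
    """Hardened pattern: only the registered address can approve a contact change;
    the code is bound to account + target address, expires, and is single-use.
    Confirming an email change never by itself authorises a password reset; a
    reset must run its own challenge to the registered address (not modelled)."""
    TTL = 600  # assumed lifetime in seconds

    def __init__(self, outbox, now=time.time):
        self.outbox = outbox
        self.now = now  # injectable clock so expiry can be exercised
        self.pending = {}  # user_id -> (code, target_email, expires_at)

    def request_add_email(self, acct, new_email):
        code = _new_code()
        self.pending[acct.user_id] = (code, new_email, self.now() + self.TTL)
        # Proof of control must come from the address already on file.
        self.outbox.send(acct.registered_email, code)

    def confirm_add_email(self, acct, code, new_email):
        entry = self.pending.get(acct.user_id)
        if entry is None:
            return False
        stored, target, expires_at = entry
        if self.now() > expires_at:
            del self.pending[acct.user_id]
            return False
        # Constant-time compare, and the code only counts for the change it was issued for.
        ok = hmac.compare_digest(stored, code) and target == new_email
        if ok:
            del self.pending[acct.user_id]  # single use
        return ok
```

The property that matters is where the code is delivered: in the weak flow the requester's own inbox receives it, so the "verification" verifies nothing about account ownership; in the hardened flow the requester's inbox stays empty unless they already control the registered address. A support assistant, automated or human, should not hold any API that issues a code to an address it has just been told about.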

TechCrunch verified that the attacker’s email address shown in the demonstration video did indeed receive verification codes from Instagram’s systems. This confirmation underscores how the AI chatbot was inappropriately granting access without proper identity verification.

Instagram spokesperson Andy Stone confirmed on Monday that the security issue has been resolved. However, the company has not disclosed how many accounts were affected by this vulnerability or provided details about additional security measures being implemented.

This incident adds to growing security concerns around AI-powered customer service systems. While these chatbots can handle routine inquiries efficiently, they may lack the nuanced judgment needed for sensitive security operations like account recovery. The attack demonstrates how social engineering techniques traditionally used against human support agents can be adapted to exploit automated systems.

Meta did not respond to requests for additional comment about the security breach or steps being taken to prevent similar incidents in the future.