Latest briefs Browse latest →
Meta’s own AI was exploited
Meta says Instagram resolved the security issue after the chatbot was blamed for granting access to victims' accounts
Briefing view
Visual briefing
1 / 6
Three things to know
- What happened
- Meta's AI support chatbot raises a security risk inside the company's account-recovery system after hackers used it to hijack Instagram accounts.
- Why it matters
- Meta says Instagram resolved the security issue after the chatbot was blamed for granting access to victims' accounts.
- What to watch
- The next test is whether Meta blocks chatbot email-change requests before attackers reach high-value usernames.
Follow the story
Sources & verification
Reporting behind this brief, checked before publication.
Brief text
Meta's AI support chatbot helped hackers hijack Instagram accounts by allowing account email changes and password resets. Meta says the issue has since been patched.
- Frame 1Meta's AI support chatbot raises a security risk inside the company's account-recovery system after hackers used it to hijack Instagram accounts.
- Frame 2Attackers asked the chatbot to link a new email address, then reset passwords on someone else's Instagram profile.
- Frame 3A Telegram video showed the method; some attackers used VPNs to appear near the account owner.
- Frame 4Users reported weekend takeovers on Reddit and X, including an inactive Obama-era White House Instagram account.
- Frame 5Meta says Instagram resolved the security issue after the chatbot was blamed for granting access to victims' accounts.
- Frame 6The next test is whether Meta blocks chatbot email-change requests before attackers reach high-value usernames.
How this was checked
- Reporting
- Cross-checked across 2 sources
- Claims
- We checked the names, dates, numbers, and core facts against the reporting linked above
- Artwork
- This is an editorial illustration based on the reporting, not source photography
- Published
- Jun 1, 6:09 PM EDT
- Our standards
- Editorial standards and corrections