Instagram is notifying users whose accounts were compromised through a vulnerability in Meta's AI-powered support chatbot. The company confirmed that hackers exploited the system to gain unauthorized access to user accounts, with the breach affecting both high-profile and everyday users.
According to reporting from 404 Media, targets included Barack Obama's White House account, beauty retailer Sephora, and US Space Force Chief Master Sergeant John Bentivegna. Everyday users also reported similar account hijackings on Reddit and X over the weekend.
The attack exploited Meta's AI assistant, which was designed to help users with account issues including password resets. Videos shared on social media platforms showed hackers manipulating the chatbot into resetting targeted accounts. In one example, a hacker instructed Meta's AI assistant to link an account to a new email address. The bot sent a verification code to that email and allowed the hacker to reset the account password once they entered the correct numbers. In at least one case, a hacker used a virtual private network to spoof the account holder's location and bypass Meta's security safeguards.
Meta rolled out the AI support assistant globally on Facebook and Instagram earlier this year. According to a March press release, the feature could "take action for you on a growing set of requests directly within Facebook and in the future, on Instagram." The capabilities included reporting scams, removing impersonation accounts, and resetting passwords. The company described it as "a major step in our work to deliver stronger support on our apps."
Meta announced on Monday that the issue had been resolved and that it was "securing impacted accounts." However, the exact number of affected users remains unclear. Reports indicate that stolen account handles were listed for sale on the Telegram messaging platform.
Security researchers have identified the attack as a form of "prompt injection," in which attackers manipulate AI chatbots into carrying out malicious actions. Aiden Sinnott, a principal threat researcher at cybersecurity firm Sophos, warned that this category of attack will become increasingly common as companies deploy chatbots without adequate protections.
The incident raises broader concerns about using artificial intelligence for essential security functions like password management. As Meta increases its investment in AI technology, with founder Mark Zuckerberg directing a $145 billion spend on AI infrastructure this year, security vulnerabilities in these systems pose significant risks to users.
This breach adds to Meta's ongoing security challenges. The company continues to invest in two-factor authentication and other protective measures, but the AI chatbot vulnerability represents an emerging risk category as artificial intelligence becomes more integrated into core platform functions. Users are advised to enable all available security features and monitor their accounts for suspicious activity.