Instagram has begun alerting users whose accounts were targeted by hackers who exploited the platform's AI-powered support chatbot. The notifications come after attackers found ways to take over accounts even following Meta's announced fix to the chatbot vulnerability.
The breach involved hackers manipulating Meta's AI support system to gain unauthorized access to user accounts. Meta had previously stated it resolved the security flaw in its AI chatbot, but victims continued to report compromised accounts after the supposed fix. The company is now reaching out directly to affected users to inform them their accounts were targeted in these attacks.
The incident highlights ongoing security challenges as companies integrate AI systems into customer service tools. Meta's AI chatbot was designed to help users with account issues, but attackers discovered methods to abuse the system for account takeovers. The exact mechanism hackers used to bypass the chatbot's security remains unclear, though the continued attacks after Meta's initial fix suggest the vulnerability proved more complex than initially assessed.
Meta has not disclosed how many users received notifications about the targeting, nor has the company provided specifics about what additional security measures have been implemented beyond the earlier fix. The notifications represent an effort to inform users who may need to take additional steps to secure their accounts, such as changing passwords or reviewing recent account activity.
The chatbot attacks add to a series of security incidents affecting Meta's platforms. As social media companies increasingly deploy AI tools to handle user interactions at scale, the systems present new attack surfaces for malicious actors. The Instagram notifications signal Meta's acknowledgment that the threat extended beyond its initial mitigation efforts, though the company has not commented on whether the vulnerability has now been fully resolved or if additional security work continues.