What Happened: An AI Chatbot Turned Into an Account Takeover Tool
The Meta AI vulnerability was a security flaw in Instagram’s AI-assisted support chatbot that let attackers reset passwords and change account email addresses without the victim’s login credentials, turning a help feature into a powerful account takeover tool. Reports on Reddit and X described people waking up to find their Instagram account hacked, with passwords changed and access completely lost. Instead of breaking passwords, attackers persuaded Meta’s own AI support assistant to attach a new email address to a target account and then used that address to trigger a password reset. High-profile and everyday accounts were affected, including inactive but valuable usernames and public figures’ profiles. For many victims, two-factor authentication did not save them, which shows how dangerous it is when the recovery flow itself is exposed. The incident shows how a single weak AI workflow can undermine otherwise strong security measures.

How the Password Reset Exploit Worked Step by Step
Hackers used Meta’s AI support assistant like a customer service agent willing to skip basic checks. Demonstrations shared online show attackers connecting through a VPN near the victim’s location to avoid unusual-login alerts, then opening a chat with the Meta AI support chatbot. They asked to link the target’s Instagram account to a new attacker-controlled email address. The bot sent a verification code to that email, which the attacker copied back into the chat. Once confirmed, the chatbot displayed a password reset option that sent a link or button tied to the new email, allowing the attacker to set a fresh password and lock out the real user. According to Meta’s breach notice, the bug meant “the system did not properly verify that the email address provided … matched the email address associated with that user’s Instagram account,” making the takeover path wide open.
Meta’s Missed Fix and the Scale of the Breach
Meta first responded by removing or changing the visible “Get Support” or similar UI entry points to the AI support flow, but developers and users say that only hid the problem. The backend API endpoints that powered the same password reset flow remained reachable, so attackers could continue to script or prompt their way into accounts even after Meta claimed the issue was resolved. Android Authority reports that complaints about hacked Instagram accounts kept coming, and that some users in security communities believed Meta had only removed the frontend button. Meanwhile, Meta disclosed in a notice that hackers used the Meta AI vulnerability to compromise 20,225 accounts. Contact information, direct messages and connected services, such as email IDs, were potentially exposed. Meta says the bug is now fixed and that it will only relaunch the AI support tool after strengthening verification checks.
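The two design failures described above, the missing comparison between the supplied email and the address on record, and a check that lived in the front end rather than in the backend, can be made concrete with a small model. The following is an added illustration, not Meta’s code and not derived from it: a constructed in-memory recovery backend with the unsafe pattern the article describes beside a hardened version in which the owner check, the confirmation to the existing address, and the email comparison are all enforced by the backend function itself, so removing a UI button is neither necessary nor sufficient. All names (Account, Session, RecoveryBackend, the example addresses) are hypothetical.

```python
from __future__ import annotations
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed model of an account-recovery backend (hypothetical, not Meta's).
# The "vulnerable_*" handlers mirror the flaw the article describes; the
# hardened handlers show the checks a recovery flow must apply server-side.

@dataclass
class Account:
    username: str
    email: str                      # verified address on record
    pending_email: Optional[str] = None

@dataclass
class Session:
    username: Optional[str]         # None models an unauthenticated support chat

class Outbox:
    """Records messages the backend 'sends' so the flow can be inspected."""
    def __init__(self):
        self.sent: list[tuple[str, str]] = []   # (recipient, payload)
    def send(self, to: str, payload: str):
        self.sent.append((to, payload))

def _eq(a: str, b: str) -> bool:
    """Constant-time string comparison (bytes, so non-ASCII addresses are fine)."""
    return hmac.compare_digest(a.encode(), b.encode())

class RecoveryBackend:
    def __init__(self, accounts: list[Account]):
        self.accounts = {a.username: a for a in accounts}
        self.outbox = Outbox()
        self.codes: dict[tuple[str, str], str] = {}   # (username, email) -> code

    # --- unsafe pattern: proof of control of the NEW address is treated as
    # --- proof of ownership of the account ---------------------------------
    def vulnerable_link_email(self, username: str, new_email: str) -> str:
        code = secrets.token_hex(3)
        self.codes[(username, new_email)] = code
        self.outbox.send(new_email, f"code:{code}")
        return code

    def vulnerable_confirm_and_reset(self, username: str, new_email: str, code: str) -> bool:
        if not _eq(self.codes.get((username, new_email), ""), code):
            return False
        acct = self.accounts[username]
        acct.email = new_email                     # on-record address overwritten
        self.outbox.send(new_email, "reset-link")  # reset goes to the new address
        return True

    # --- hardened pattern ---------------------------------------------------
    def link_email(self, session: Session, username: str, new_email: str) -> str:
        """Only the authenticated owner may stage a new address, and the change
        is confirmed by a code sent to the EXISTING address, not the new one."""
        if session.username != username:
            raise PermissionError("caller does not own this account")
        acct = self.accounts[username]
        code = secrets.token_hex(3)
        self.codes[(username, acct.email)] = code
        acct.pending_email = new_email
        self.outbox.send(acct.email, f"confirm-change:{code}")
        return code

    def confirm_email_change(self, username: str, code: str) -> bool:
        acct = self.accounts[username]
        expected = self.codes.pop((username, acct.email), "")
        if not acct.pending_email or not _eq(expected, code):
            return False
        acct.email, acct.pending_email = acct.pending_email, None
        return True

    def request_password_reset(self, username: str, claimed_email: str) -> bool:
        """The supplied address is COMPARED with the one on record, never trusted;
        the reset link only ever goes to the address on record."""
        acct = self.accounts.get(username)
        if acct is None or not _eq(acct.email, claimed_email):
            return False   # identical response either way: no enumeration
        self.outbox.send(acct.email, "reset-link")
        return True

def demo() -> dict:
    """Runs both flows against a constructed victim account and reports results."""
    victim = Account("victim", "victim@example.com")
    unsafe = RecoveryBackend([victim])
    code = unsafe.vulnerable_link_email("victim", "attacker@example.net")
    unsafe_reset = unsafe.vulnerable_confirm_and_reset("victim", "attacker@example.net", code)

    hardened = RecoveryBackend([Account("victim", "victim@example.com")])
    try:
        hardened.link_email(Session(None), "victim", "attacker@example.net")
        unauth_blocked = False
    except PermissionError:
        unauth_blocked = True
    wrong_email_reset = hardened.request_password_reset("victim", "attacker@example.net")
    # Legitimate owner changes their own address: code goes to the old address.
    owner_code = hardened.link_email(Session("victim"), "victim", "new@example.com")
    code_recipient = hardened.outbox.sent[-1][0]
    changed = hardened.confirm_email_change("victim", owner_code)
    return {
        "unsafe_reset_succeeded": unsafe_reset,
        "hardened_unauth_blocked": unauth_blocked,
        "hardened_wrong_email_reset": wrong_email_reset,
        "hardened_code_recipient": code_recipient,
        "hardened_owner_change_ok": changed,
        "hardened_final_email": hardened.accounts["victim"].email,
    }

if __name__ == "__main__":
    print(demo())
```

The point of the hardened handlers is where the checks sit: a support chatbot, a web form, or a scripted call against the API all reach the same `RecoveryBackend` methods, so an attacker who finds the endpoint after the button is removed gets the same refusal. Binding a new address to an account requires an authenticated owner session plus a code delivered to the existing address, and a reset link is never sent to an address that merely matches what the requester typed.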

Why This Meta AI Vulnerability Matters for Everyone
The incident is a warning about outsourcing sensitive recovery tasks to AI. Meta’s chatbot was launched to offer 24/7 help with issues like password updates, but it behaved like an inexperienced human support agent with too much power and not enough guardrails. Security experts note that Meta deployed the AI quickly without strict limits on what it could change in user accounts, and attackers took advantage of the gap. This kind of account takeover attack is especially dangerous because it bypasses normal defenses like strong passwords or unique usernames; the weak point is the recovery flow itself. It highlights that even if you never share your password and enable every security option, a misconfigured AI support system can still leave your Instagram account open to takeover. Platforms and users alike need to treat AI assistance as part of the security perimeter, not just a convenience.
What Instagram Users Should Do Now to Protect Their Accounts
Meta says it is securing impacted accounts and may ask some users additional security questions or send password reset prompts. If alerts that your Instagram account was hacked, or unexpected login emails, appear, assume your profile may have been targeted by this account takeover attack. Immediately change your password from a trusted device and enable two-factor authentication using an authenticator app instead of SMS where possible. Review your account email and phone number in settings to confirm they are still yours, and check connected apps or services for anything unfamiliar. Watch for unusual direct messages or changes to your profile, especially if you handle a brand, creator, or high-value username. Finally, be cautious when interacting with AI-based support features on any platform; if a bot offers to change sensitive settings too easily, stop and use documented support channels instead.