What the Meta AI security vulnerability means for your Instagram
The Meta AI security vulnerability is a flaw in Instagram’s AI-powered support chatbot that allowed attackers to trigger password resets and seize accounts using manipulated text prompts instead of real verification. This Instagram account hijacking method relied on Meta’s own “Get Support” feature on the login page. Attackers first accessed the Instagram login screen from an IP address in the same region as their target, often by using a VPN. After clicking “forgot password” and entering the victim’s username, a button to contact Meta’s AI chatbot could appear. The bot then presented standard recovery options, such as sending a password reset code to the registered email or phone number. Instead of following these, attackers typed messages telling the bot to send the reset code to their own email, exploiting weak checks inside the AI system.
How the password reset exploit enabled Instagram account hijacking
In the reported cases, hackers used the AI chatbot’s control over password recovery to redirect the reset flow away from the real owner. According to PCMag, attackers could repeatedly prompt the bot until it agreed to send an 8-digit password reset code to an email address they controlled instead of the legitimate contact. Once they received the code, they entered it back into the chatbot and set a new password, gaining full access without knowing the original credentials. This password reset exploit reportedly helped apparent pro-Iranian hackers hijack high-profile accounts, including Barack Obama’s White House Instagram, retailer Sephora, and the US Space Force Chief Master Sergeant. The incident shows how giving an AI support tool direct power over password resets can expose users to Instagram account hijacking at scale when verification rules are too weak.
Why Meta's AI chatbot failed to protect accounts
The core problem was that the AI bot lacked strong verification steps to distinguish real account owners from attackers sending convincing text prompts. Instead of strictly enforcing preset choices that send codes only to registered email addresses or phone numbers, the chatbot sometimes treated free-form instructions as valid support requests and updated the destination for password reset codes. That behavior turned helpful language flexibility into a security gap. The exploit also appeared to work from any device as long as the attacker used an IP address in the same region, further weakening defenses. While Meta has said that “this issue has been resolved and we are securing impacted accounts,” the event highlights how AI tools with account-change permissions need strict rule-based controls, clear guardrails, and consistent identity checks before they are allowed to reset passwords or modify security settings.
Can two-factor authentication stop this kind of attack?
Two-factor authentication (2FA) is still one of the best ways to improve account takeover prevention, but in this case its protection was not fully clear. Reports shared on Telegram suggest mixed results: some users said they could not use the exploit on accounts protected by 2FA, while others reported losing their profiles despite having multi-factor protection enabled. This suggests the vulnerability may have bypassed normal flows in some situations, depending on how the AI chatbot handled security prompts for different accounts. Even if 2FA blocks many direct login attempts, any system that can reset passwords or change contact details needs to respect that second factor as well. If an AI agent can reset access without confirming 2FA, the protection is weakened. Users should still enable 2FA, but also treat it as one layer within a wider security strategy.
Practical steps to protect your Instagram from account takeover
To reduce your risk from similar flaws, start by enabling two-factor authentication in Instagram’s security settings and choose an authentication app rather than SMS when possible. Review your linked email addresses and phone numbers, removing old or unused ones, and make sure your primary email account has strong unique passwords and its own 2FA. Regularly check Instagram’s login activity and devices list for unfamiliar locations or hardware, and log out anything you do not recognize. Turn on security alerts so you get notifications about password changes, new logins, or contact detail updates. Be cautious when interacting with any support chatbot: do not share codes or screenshots showing password reset links. If your account is hijacked, use Instagram’s in-app recovery tools, submit an official support request from Meta’s help pages, and keep records of suspicious notifications or emails related to the incident.
