Meta has patched a security flaw after hackers allegedly manipulated its AI-powered customer support chatbot to gain control of several high-profile Instagram accounts. Reports suggest the attackers used simple prompts to convince the chatbot to modify account recovery settings, allowing them to reset passwords and take over profiles. According to reports, hackers asked Meta’s AI support system to replace the email address associated with a targeted Instagram account.
How The Alleged Exploit Worked
Once the email was changed, they were able to trigger a password reset and gain access to the account without needing the victim’s email credentials. Researchers described the method as a form of prompt manipulation against the AI system.
Several Prominent Accounts Targeted
The alleged attack affected a number of high-profile Instagram accounts, including accounts linked to major brands, government organizations, and prominent public figures. Reports indicated that accounts associated with the Obama-era White House archive, beauty retailer Sephora, and senior US military personnel were among those targeted.
Meta Says Issue Has Been Fixed
Meta acknowledged the vulnerability and said the issue has now been resolved. The company stated that it is securing impacted accounts and reviewing the incident. However, it has not publicly disclosed how many users may have been affected by the flaw. The incident has reignited debate over the growing use of AI in customer support and account recovery systems.
Cybersecurity experts say the case highlights the risks of allowing AI tools to perform sensitive security-related actions without sufficient safeguards and verification checks.
ALSO READ: 90% Of Firms Increased AI Spending, Yet Few Can Prove Business Returns: Survey
