Meta AI let hackers hijack Instagram accounts: Is your data at risk?
Follow UsMeta AI-powered support chatbot reportedly allowed hackers to take over Instagram accounts.
A video shared on X showed the entire process.
Instagram has confirmed that the issue has been resolved.
Meta AI-powered support chatbot reportedly allowed hackers to take over Instagram accounts, raising concerns about the risks linked to AI-driven customer support tools. Over the weekend, several users on Reddit and X (formerly Twitter) claimed that their Instagram accounts had been compromised. Among the reported victims was the Instagram account of the Obama-era White House, which had been inactive for years, as per TechCrunch.
SurveySecurity researcher Jane Wong also said her account was hijacked during the incident. “The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday,” said Wong. “Quite concerning.”
Also read: OpenAI wants to build personal robots for everyone, Sam Altman starts hiring spree
Reports suggest that hackers were able to manipulate Meta’s AI Support Assistant into granting access to accounts that did not belong to them. A video shared on X showed the entire process. According to the video posted by @DarkWebInformer, the attacker first used a VPN to make it appear as though they were accessing Instagram from the same region as the target. This may have helped avoid triggering some of Instagram’s automated security systems.
The hacker then opened a conversation with Meta’s AI support chatbot and requested that a new email address be added to the victim’s account. The chatbot then sent a verification code to the email address provided by the attacker. After entering that code into the chat, the attacker was shown an option to reset the account password.
Once the password was changed, the attacker could take control of the Instagram account and potentially lock out the original owner.
Also read: Microsoft plans super app that unifies chat, coding and other Copilot AI tools: Report
Is your data at risk?
Well, you don’t have to worry as Instagram has confirmed that the issue has been resolved. Replying to an X user, Instagram spokesperson Andy Stone said, ‘This issue has been resolved and we are securing impacted accounts.’ However, the company has not revealed how many users may have been affected by the flaw. To reduce the risk of account takeovers, users should enable two-factor authentication, use a strong and unique password, and regularly review login activity on their accounts.
Also read: Perplexity faces legal challenge over alleged AI copyright theft: Here is what happened
