'The Chatbot Asked No Questions': Hackers Reportedly Talked Meta AI Into Surrendering High-Profile Instagram Accounts
Meta's AI support bot flaw exposes Instagram accounts to hackers
A wave of Instagram takeovers has exposed an alarming weakness inside Meta's customer service, after hackers reportedly seized high-profile accounts by politely asking the company's own AI support bot to swap the login email.
The technology outlet 404 Media first reported on 1 June 2026 that attackers had tricked Meta's AI-powered support assistant into attaching email addresses they controlled to accounts they did not own. That one step triggered a password reset and shut out the rightful owners.
Meta says it has since fixed the flaw, yet the episode has reignited a fierce argument about handing account security to automated systems.
The Polite Request That Cracked Instagram Open
The method was striking for its simplicity. Security researchers who studied videos and screenshots circulating on Telegram and X described a short routine that began with a VPN, used to make the attacker's location appear close to the target's usual region.
New: Hackers have been stealing high-profile Instagram accounts by simply asking Meta's AI support chatbot to change the email associated with the account they want to steal.
— Jason Koebler (@jason_koebler) June 1, 2026
Shockingly easy, terrible flaw associated with offloading support to AI:https://t.co/PvRm8u0MV7
The hacker would then open a chat with Meta's support assistant and ask it to link a fresh email address to the victim's username. Meta had launched the assistant late in 2025 with a promise to make account recovery faster and simpler, and by this spring it could reset passwords on request.
One clip showed an attacker typing little more than 'Just link my new email address' before supplying a code. The bot then sent a verification code to the attacker's inbox and produced a password reset button, according to demonstrations reviewed by reporters. TechCrunch said it had verified that an attacker-controlled mailbox received the reset code. Reports differed on whether two-factor authentication stopped the trick, with some researchers claiming protected accounts were still hit and others arguing that any multi-factor login would likely have blocked it.
How hackers get to hack into Instagram accounts using Meta AI chatbot
— Opeyemi🦍 (@king_yungzel) June 1, 2026
📹 Credit: 404 Media https://t.co/q5MGjFLyUm pic.twitter.com/Q8lmMXkWkr
What unsettled researchers was the near-total absence of conventional hacking. The scheme needed no malware, no stolen password and no insider, only a believable chat and a spoofed location. Meta had even marketed the assistant's awareness of familiar devices and places as a safety feature, which the VPN manoeuvre quietly turned on its head.
The Accounts That Fell
The takeovers struck a roster of prominent profiles. Among them sat the dormant @obamawhitehouse account, which had not posted since January 2017, and which briefly displayed an AI-generated image carrying a caption claiming the White House was under Shiite control. The defacement, reported by TMZ, handed the breach an unmistakably political edge.
Other confirmed victims widened the picture considerably. The account of the US Space Force's senior enlisted leader, Chief Master Sergeant John Bentivegna, was compromised, alongside the corporate page of the beauty retailer Sephora.
Jane Manchun Wong, an app researcher who once worked at Meta, said her own account was seized, writing on X that her password had changed without her knowledge. She added that she was repeatedly logged out of the Instagram app and hit with a string of reset attempts. Across the preceding weekend, other users on Reddit and X had flagged near-identical hijackings.
Even my Instagram account got hacked
— Jane Manchun Wong (@wongmjane) June 1, 2026
The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday. And I got repeatedly logged out from the IG iOS app
Quite concerning https://t.co/F6wjKYrlBo
Meta moved to contain the fallout on 1 June. Andy Stone, the company's vice-president of communications, said on X, 'This issue has been resolved and we are securing impacted accounts.' The company did not publish a detailed breakdown of how many users had been affected before the fix landed.
This issue has been resolved and we are securing impacted accounts.
— Andy Stone (@andymstone) June 1, 2026
The scale of the damage quickly became a public dispute. Nikita Bier, X's head of product, called the incident 'easily the biggest breach in Meta/Facebook history' and noted that it followed the removal of end-to-end encryption from Instagram messaging a month earlier. Stone pushed back on one viral assertion, rejecting as 'totally false' the claim that the private messages of world leaders had been exposed.
A Warning About Outsourcing Trust to AI
The exploit arrived at a sensitive moment for Meta's automation drive. The company had spent recent months expanding its AI support assistant, promoting it as a faster route to recover locked accounts and granting it the power to reset passwords, with a product page that promises 'Solutions, not just suggestions.'
Users who lost accounts complained that no human could be reached to escalate their case, and 404 Media said the technique had circulated in Telegram groups since March, which suggests the weakness sat open for weeks. Stolen handles, among them coveted short usernames, were reportedly touted for sale in the same channels, prized for their resale value and use in scams.
Security specialists warned that letting a chatbot govern account recovery invites manipulation that a trained agent might have caught.
A system built to make help faster ended up making theft effortless, and that lesson will outlast the patch.
© Copyright IBTimes 2025. All rights reserved.
- Recommended For You
