Meta’s AI-powered support assistant for Instagram has been exploited by hackers to seize control of numerous accounts, exposing significant weaknesses in the company’s verification processes. The vulnerability, which surfaced publicly over the weekend, allowed bad actors to change email addresses linked to target accounts without meaningful identity checks, paving the way for password resets and full takeovers.
Meta introduced the AI support bot in December as a way to provide round-the-clock assistance for issues like scam reports, content disputes, and password recovery. While the intent was to streamline user help, the system proved dangerously permissive. Hackers demonstrated how simply connecting via a VPN set to a location near the account holder could fool the AI into recognizing the request as legitimate. In some instances, the bot bypassed two-factor authentication entirely. Even when selfie verification was requested, attackers used AI-generated images to circumvent it. Meta’s own description of the tool, noting that systems “recognize the device you usually use and familiar locations better than ever,” now reads as an unintended roadmap for exploitation.
The flaw was not entirely new. Reports indicate hackers had been aware of it since March, quietly profiting through Telegram channels offering black-market Instagram account services. Once details spread publicly, takeovers accelerated, hitting a range of prominent targets including the Sephora brand account, the Chief Master Sergeant of the Space Force, researcher Jane Manchun Wong, developer Albert Renshaw, and the archived Barack Obama White House handle. Victims described a frustrating recovery process: the same AI assistant often failed to restore access, and options to speak with a human representative were unavailable.
Meta moved quickly to patch the issue over the weekend. VP of communications Andy Stone confirmed the fix and stated that impacted accounts were being secured. Yet the episode highlights deeper problems. Relying on AI for sensitive account operations without robust safeguards reflects a broader industry tendency to deploy automated tools rapidly while underestimating real-world abuse potential. Location-based verification, in particular, has long been unreliable in an era of easy VPN access and sophisticated deepfakes.
This incident arrives amid Meta’s continued push into AI across its platforms, from content moderation to user support. While such systems promise efficiency, they also shift trust away from human oversight at a time when account security is more critical than ever. Social media handles, especially high-value ones, represent digital identities worth real money on underground markets. The fact that even verified or notable accounts fell victim suggests the safeguards were inadequate from the start.
For users, the event serves as a reminder of the risks inherent in centralized platform control. Instagram remains a primary space for personal branding, business, and communication, but incidents like this erode confidence in the company’s ability to protect that ecosystem. The quick patch is necessary damage control, but it does not erase the reality that poor implementation turned a support feature into a liability. As AI tools proliferate in customer service, Meta and its peers will need to demonstrate far stronger testing and fallback mechanisms to prevent similar failures.
In the end, this episode underscores a recurring tension in tech: the drive for convenience and automation often clashes with the hard demands of security. Users would be wise to enable every available protection layer and remain skeptical of automated support channels until proven reliable over time.
