Hackers used Meta AI to expose over 34,000 Instagram accounts, but Meta isn't slowing down
A few days ago, we reported on how Meta's growing reliance on AI-powered support tools had seemingly opened the door to a new kind of security problem. Now, a fresh report from The New York Times suggests the issue may have been far more widespread than initially understood, affecting around 34,000 Instagram users. Of those, roughly 20,000 accounts were allegedly compromised, exposing personal information such as email addresses, phone numbers, and birth dates, while thousands more had their usernames changed or temporarily lost control of their profiles.
Unlike many account breaches that rely on stolen passwords, phishing emails, or malware, this incident appears to have stemmed from something far more mundane: an automated support workflow that could be manipulated into performing actions it wasn't supposed to.
Attackers were able to convince Meta's AI support chatbot to replace the email address associated with a target Instagram account. Once the new email was linked, the attackers could request a password reset and gain control of the profile.
Several high-profile accounts were affected by the breach, including businesses, public figures, and government-linked organizations. Some hijacked profiles were later used to publish unauthorized posts before Meta stepped in and restored access.
Meta has reportedly attributed the issue not to the AI model itself but to weaknesses in the verification systems surrounding it. That's an important distinction. The chatbot wasn't independently deciding to hand over accounts. Instead, it was operating within a recovery process that appears to have lacked sufficient safeguards to stop abuse.
Still, the incident highlights a growing concern as tech companies rush to automate customer support. AI is increasingly being trusted with tasks that were once handled by human agents, from resetting passwords to verifying identities. While that can make support faster and more accessible, it also means a single flaw can be repeated thousands of times before anyone notices.
Imagine a support representative who mistakenly approves a fraudulent account recovery request: that's a problem. Now imagine that same mistake being made automatically, around the clock, for anyone who discovers the right prompt. That's the risk companies face when security checks fail to keep pace with automation.

