Hackers have successfully compromised numerous prominent Instagram accounts including the Barack Obama White House profile by simply asking Meta’s AI support chatbot to change the email addresses associated with target profiles, security researchers report.
404 Media reports that a newly discovered vulnerability in Meta’s AI-powered customer support system has enabled hackers to take over several high-profile Instagram accounts through a surprisingly straightforward method. The breach has affected numerous notable accounts, including the Barack Obama White House Instagram profile, the Chief Master Sergeant of Space Force’s account, and the official Sephora company account.
The exploitation technique requires minimal technical sophistication. Hackers have been sharing videos and screenshots in Telegram groups frequented by security researchers and hacking communities, demonstrating the alarming ease with which accounts can be compromised. In one documented case, an attacker initiated a conversation with Meta’s AI support bot and made a simple request to link a target account with a new email address, providing the target username and the attacker’s email address while promising to send a verification code.
Meta spokesperson Andy Stone acknowledged the AI-enabled hack in a short statement on X:
The incident highlights significant risks associated with delegating critical account security functions to artificial intelligence systems. In March, Meta announced its decision to expand AI-powered support across all Facebook and Instagram accounts, granting these automated systems the capability to reset passwords and execute other essential account maintenance tasks. The feature’s product page promotes capabilities including account security and recovery, advertising solutions rather than mere suggestions.
Victims of these account takeovers report an additional layer of frustration in their inability to escalate their issues to human support representatives. This limitation compounds the problem, leaving users without recourse when the AI system itself becomes the vector for account compromise.
Security experts have long warned about the potential risks of over-relying on artificial intelligence for sensitive operations, particularly those involving account security and authentication. This incident provides concrete evidence of those concerns, showing how automated systems can be manipulated through social engineering tactics that might not fool human support staff.
The scope of the vulnerability remains unclear, as does the total number of accounts that may have been compromised using this method. The high-profile nature of the affected accounts suggests that attackers have been specifically targeting valuable or influential profiles, though the technique could theoretically be applied to any Instagram account.
Breitbart News recently reported on an AI drug monitoring system that failed to detect a nurse stealing fentanyl for personal use. These stories demonstrate the danger of replacing existing systems with AI-powered tools. Breitbart News social media director Wynton Hall has written his instant bestseller Code Red: The Left, the Right, China, and the Race to Control AI to serve as the definitive guide on how the MAGA movement can create positions on AI that benefit humanity without handing control of our nation to the leftists of Silicon Valley or allowing the Chinese to take over the world.
Read more at 404 Media here.
Lucas Nolan is a reporter for Breitbart News covering issues of AI, free speech, and online censorship.