404media.co web signal

Meta AI Chatbot Let Hackers Take Over 20,000 Instagram Accounts

TL;DR

  • Hackers asked Meta's AI support chatbot to link their email to target accounts; the bot complied, enabling password resets.
  • Meta's breach notification to Maine's attorney general disclosed 20,225 compromised accounts from April 17 to May 31, 2026.
  • High-profile targets included the Barack Obama White House Instagram account, a U.S. Space Force official, and Sephora.

When Meta moved account recovery to an AI support assistant, someone tested the obvious question: what happens if you just ask it to hand over an account? According to 404 Media, the answer was that it worked. The exploit circulated on Telegram, and the breach ran from April 17 to May 31, 2026, before Meta disabled the chatbot.

The method required no sophisticated technical skill. Attackers reportedly used a VPN to appear to be in the same country as a target account, initiated a standard password reset flow, then asked Meta's AI support assistant to link their own email address to that account. The assistant sent a password reset link to the attacker's email. High-profile accounts caught in the sweep reportedly included the Barack Obama White House Instagram account, the account of the Chief Master Sergeant of the U.S. Space Force, and the makeup company Sephora.

Meta filed a data breach notification with Maine's Attorney General's office disclosing that 20,225 accounts were affected, including 30 in Maine. The chatbot, reportedly called "High Touch Support," was designed to help locked-out users regain access, but according to SecurityWeek and other corroborating reports, a bug in a separate code path meant the system never verified whether the email being added actually belonged to the account in question.
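The missing check the reporting describes, as an added example that is not code from Meta or from the article: a simplified model of the recovery-email tool a support assistant might call, with the unverified "before" beside a version that requires proof of control of the account (and the second factor, where enrolled) and binds the new address only after the mailbox holder confirms a token. All class, function and field names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional
import hmac
import secrets

# Constructed, simplified model of an account store and a support-assistant
# "tool" that changes an account's recovery email. Names are hypothetical.

@dataclass
class Account:
    account_id: str
    emails: set = field(default_factory=set)
    totp_enabled: bool = False

@dataclass
class Session:
    # Account this caller has proven control of; None = anonymous caller who
    # merely started a password-reset flow, like the reported attackers.
    proven_owner_of: Optional[str] = None
    totp_passed: bool = False

def link_email_vulnerable(acct: Account, session: Session, new_email: str) -> bool:
    """Before: the tool trusts the request and never checks that the caller
    controls the account or the mailbox, so any caller can bind their own address."""
    acct.emails.add(new_email)
    return True

PENDING: dict = {}  # (account_id, email) -> token sent to that mailbox

def request_email_link(acct: Account, session: Session, new_email: str) -> Optional[str]:
    """After: refuse unless the caller has proven control of *this* account
    (and passed the second factor when one is enrolled); then send a token to
    the new address instead of binding it immediately."""
    if session.proven_owner_of != acct.account_id:
        return None  # an anonymous reset flow is not proof of ownership
    if acct.totp_enabled and not session.totp_passed:
        return None
    token = secrets.token_urlsafe(16)
    PENDING[(acct.account_id, new_email)] = token
    return token  # in a real system delivered only to new_email, never to the caller

def confirm_email_link(acct: Account, new_email: str, token: str) -> bool:
    """Bind the address only when the holder of that mailbox presents the token."""
    expected = PENDING.get((acct.account_id, new_email))
    if expected is None or not hmac.compare_digest(expected, token):
        return False
    del PENDING[(acct.account_id, new_email)]
    acct.emails.add(new_email)
    return True
```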

A detail the reporting surfaces is what happened to victims afterward: users whose accounts were taken over found no way to escalate the problem to a human representative. The AI that failed them was also the only support path available.

The reporting is clear on the timeline and scale, but leaves gaps worth noting. It does not establish whether Meta had prior internal signal this attack path existed, and it does not detail what recovery options were offered to affected users or how quickly they were notified. Accounts that had two-factor authentication enabled appear to have been outside the scope of this particular exploit, which is the most direct takeaway for anyone reviewing their own account security today.
