Instagram Suffers Breach Through Meta Chatbot Exploit

Hackers were able to gain unauthorized access to Instagram accounts by manipulating Meta’s AI support chatbot, according to a report from 404 Media. The attackers used simple prompts to convince the AI to link new email addresses to target accounts and reset passwords, bypassing standard security checks.

Screenshots and videos shared in Telegram groups demonstrated the process, which involved asking the AI bot to update account details with attacker-controlled information. The vulnerability allowed changes without proper verification, raising concerns about how AI systems handle sensitive account actions. Meta’s vice president of communications, Andy Stone, stated that the issue has been fixed and that underlying vulnerabilities have been addressed.

The incident highlights risks tied to Meta’s increasing use of AI for customer support and account management. The company has cut more than 20% of its workforce in 2026 while heavily investing in AI development. CEO Mark Zuckerberg has discussed training AI agents to assist with or replace various work functions, including decision-making and support roles.

This case illustrates potential weaknesses in “agentic AI” systems that can take actions on behalf of users or the company. While AI offers efficiency, it can introduce new vulnerabilities if prompts can override security protocols. The Instagram breach shows how persuasive interaction with AI tools can lead to account takeovers and other potential dangers, something that will need to be pre-emptively addressed if companies are committing to AI customer support systems long-term.