Hackers claim they were able to take over Instagram accounts by tricking Meta’s AI support chatbot into sending a verification code to a new email address—then using the chat’s prompts to reset passwords. Meta says the issue has been resolved and impacted acco
For people who assumed an “AI support” chat was just another layer of customer help. the screenshots circulating online landed like a warning label. Over the weekend. accounts of hijackings described a simple script: trick Meta’s chatbot. change where verification messages would go. then take over the account.
Hackers said they tricked Meta’s AI chatbot into giving them access to other people’s Instagram accounts—just by asking. In videos and screenshots of interactions shared online. the chatbot reportedly told the user it had sent a verification code to the new email address. After the code was entered, the chatbot displayed an option to reset the account’s password.
The accounts showing signs of compromise in screenshots and reporting included the Barack Obama White House account. beauty retailer Sephora. and US Space Force chief master sergeant John Bentivegna. according to the material shared online. As of Tuesday afternoon, all three accounts appeared to be restored. None of the representatives for the affected accounts responded to requests for Business Insider.
Meta responded quickly once the issue moved beyond user posts. “This issue has been resolved and we are securing impacted accounts,” wrote Meta vice president Andy Stone in a Monday X post. Meta did not respond to questions from Business Insider.
The scale of the damage remains unclear. It’s not known how many accounts were affected in total, and Business Insider was not able to independently verify the hackers’ method.
The incident has sharpened a debate inside the cybersecurity world: not whether AI can help with support. but whether it should be trusted with the most dangerous parts of identity and account access. Jake Moore. global cybersecurity specialist at ESET. said the episode is a reminder of the risks of outsourcing critical functions to AI.
“Unfortunately, social media platforms have focused on AI innovation before toughening up their users’ account security, meaning criminals and hackers will inevitably, and continually, take advantage of it,” Moore said.
Tom Van de Wiele, founder of security firm Hacker Minded, said the behavior reflects a “move fast and break things” mentality backfiring. He argued that Meta deployed an AI agent to handle customer support globally but failed to put hard constraints on what the AI could access and change.
Tomas Stamulis, chief security officer at Surfshark, compared the chatbot to “an inexperienced employee.” In his view, a human might eventually notice something wrong in the conversation, but AI doesn’t stop the interaction.
One of the clearest lessons, according to Marijus Briedis, CTO at NordVPN, is that AI should never be the final arbiter of identity. He said users should use tools like multi-factor authentication to help secure their accounts.
The human cost isn’t confined to high-profile usernames. Jane Wong, a San Francisco-based security researcher, said her Instagram account was compromised after she received text messages from WhatsApp for her Instagram login code on Saturday evening. She said she didn’t request them.
Wong later discovered her Instagram password had been changed without her knowledge. She was able to access her account through the “forgot password” option, but she continued receiving login code messages over the weekend.
She said she wanted more transparency from Meta earlier. “While cyberattacks are not unusual to me, I would have appreciated it if Meta could provide more clarity about this security incident earlier,” she said.
Meta has been moving aggressively into AI across its products and operations. The company has reorganized some teams to become “AI-native,” moved thousands of staff onto AI projects, and embedded AI into its services.
In March. Meta launched its AI support assistant. which it said would provide “24/7 help for account issues like updating your password and settings for your profile.” Last month. Meta laid off about 8. 000 staff. Business Insider reported that affected staff included those on Meta’s Integrity and cybersecurity teams. which are responsible for protecting the company’s platforms.
The most striking part of the weekend’s claims wasn’t just that accounts were targeted—it was how the takeover appears to have followed the chatbot’s own recovery flow. Videos and screenshots show a conversation that began with a request to link an Instagram account to a new email address. then moved to verification via a code. and ended with a password reset option.
By Tuesday afternoon. the three accounts named in screenshots and reporting appeared restored. and Meta says it has resolved the issue and is securing impacted accounts. Still. the unanswered question hanging over the incident is how many other accounts may have been reached before the problem was contained—and whether the next time a criminal “asks. ” AI support will behave the same.
Meta Instagram AI chatbot account takeover cybersecurity ESET Surfshark NordVPN Andy Stone Andy Stone X post multi-factor authentication WhatsApp verification codes