Hackers Exploit Meta AI Tool To Hijack Instagram Accounts, Including Obama's White House Page

Hackers exploited a critical vulnerability in Meta's AI-powered support chatbot over the weekend to hijack multiple high-profile Instagram accounts, with attackers needing no access to victims' existing passwords or email addresses to pull it off.

The compromised accounts include the Instagram handle for the Obama-era White House, which appears to have been inactive since 2017, and the account of the US Space Force's chief master sergeant John Bentivegna. Prominent security researcher Jane Wong also reported being targeted.

How they did it?

A video posted on X showed the step-by-step process. The hacker used a VPN to spoof the target's presumed location, bypassing Instagram's automated account protections. The attacker then opened a chat with the Meta AI Support Assistant and simply asked the bot to add a new email address to the target's account. The chatbot sent a verification code to the hacker's own email address; the hacker shared that code back with the chatbot, which then displayed a button to reset the account password.

Critically, the attack worked because at no point did the hacker need to access the legitimate email address actually linked to the victim's Instagram account. Meta's own tool, designed to help users, became the entry point.

Several users on Reddit reported their Instagram accounts had been compromised, and multiple users on X warned of similar account hijackings. Wong described the experience as alarming: her password was changed without her knowledge while she received repeated reset attempts throughout the day.

The attack appears to have targeted both dormant legacy accounts and active verified ones, raising concerns about the security of any Instagram account, regardless of activity level.

Meta says it's fixed

Instagram spokesperson Andy Stone said in a reply on X that the issue had been resolved. It remains unclear how many Instagram users had their accounts improperly accessed. Meta did not provide further detail on the scope of the breach or how the chatbot flaw went undetected.

The incident spotlights a growing risk as platforms deploy AI assistants with account-level access: a chatbot capable enough to help legitimate users reset credentials is also, in the wrong hands, a ready-made hacking tool.