Hackers Trick Meta's AI To Infiltrate Instagram Accounts, Including Obama-Era White House Archive

Meta has confirmed that hackers exploited a flaw in its AI-powered support assistant to take control of Instagram accounts, including several high-profile profiles, The Guardian reported. The issue came to light after security researchers shared screenshots and videos showing how attackers could manipulate Instagram’s AI support chatbot to bypass account recovery safeguards. The exploit reportedly triggered a wave of account takeovers over the weekend, affecting both prominent figures and ordinary users.

Among the accounts reportedly compromised were the Obama-era White House archive account, which briefly displayed pro-Iran content before being recovered, beauty retailer Sephora, US Space Force Chief Master Sergeant John Bentivegna, and cybersecurity researcher Jane Manchun Wong, a former Meta systems engineer.

“The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday. And I got repeatedly logged out from the IG iOS app,” Wong wrote on X.

Similar complaints surfaced across Reddit and X, where users reported losing access to their accounts.

How The Exploit Worked

According to demonstrations shared by researchers and hacking groups, attackers were able to use Meta’s AI-powered support system to reset passwords without having access to a victim’s email account. Videos circulating online appeared to show hackers instructing the chatbot to associate a new email address with a targeted Instagram account. The AI assistant then sent a verification code to the attacker’s email address and, after the code was entered into the chat, provided access to a password reset link.

Meta spokesperson Andy Stone confirmed that the vulnerability has since been fixed and said the company is working to secure affected accounts.

Researchers believe the flaw originated from a weakness in Meta’s automated customer support infrastructure, which was introduced to handle account recovery and maintenance requests. Instead of verifying account ownership, the AI assistant reportedly accepted instructions from users and carried out sensitive account changes with insufficient authentication checks.

To increase their chances of success, attackers allegedly used VPNs or residential proxy services to make it appear as though they were logging in from the same region as the account owner. They would then initiate an account recovery conversation with the AI assistant, request that a new email address be linked to the target account, and complete the verification process using a code sent directly to that email address. Once verified, the chatbot provided a password reset option, effectively handing control of the account to the attacker.

Cybersecurity researchers say the incident highlights the growing risks associated with increasingly autonomous AI systems that are granted access to sensitive account-management functions. While AI assistants can streamline customer support, experts warn that giving them authority over critical security settings without rigorous identity verification can create serious vulnerabilities.
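The design point behind the reported flaw, as an added example that is not Meta's code or taken from the original article: a verification code proves control only of the mailbox it is delivered to. The `Account` class, the in-memory `OUTBOX` and all function names and addresses below are hypothetical and constructed for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

OUTBOX = []  # constructed stand-in for a mail gateway: (recipient, code)


@dataclass
class Account:
    username: str
    registered_email: str  # address enrolled by the real owner
    pending: dict = field(default_factory=dict)  # challenge id -> (code, new_email)


def _send_code(recipient):
    code = f"{secrets.randbelow(10**6):06d}"
    OUTBOX.append((recipient, code))
    return code


def request_change_weak(acct, new_email):
    """Simplified model of the reported flow: code goes to the requester's address."""
    cid = secrets.token_hex(8)
    acct.pending[cid] = (_send_code(new_email), new_email)
    return cid


def request_change_hardened(acct, new_email):
    """Code goes to the already-registered address, so entering it proves ownership."""
    cid = secrets.token_hex(8)
    acct.pending[cid] = (_send_code(acct.registered_email), new_email)
    return cid


def confirm_change(acct, cid, code):
    """Single-use challenge, constant-time compare; applies the change on success."""
    expected, new_email = acct.pending.pop(cid, (None, None))
    if expected is None or not hmac.compare_digest(expected, code):
        return False
    acct.registered_email = new_email
    return True


def codes_visible_to(mailbox):
    """Codes readable by whoever controls `mailbox`."""
    return [code for rcpt, code in OUTBOX if rcpt == mailbox]
```

Because the check sits in the function the assistant calls rather than in its instructions, no wording of the chat request changes where the code is delivered.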

