Hackers Tricked Meta AI Into Handing Out Access to Major Instagram Accounts

Hackers used Meta's AI support chatbot to attach attacker-controlled emails to high-profile Instagram accounts including the defunct Obama White House and Sephora accounts. The AI responded to prompts like 'Just link my new email address' with the target username and attacker email, enabling password resets and account takeovers. Meta's March 2024 announcement allowed AI to handle customer service workflows including account recovery. A verified video shows the hacker initiating the conversation and receiving confirmation from the AI. The incident reveals a vulnerability in Meta's AI-powered support system that bypasses standard authentication steps.