META disclosed a vulnerability in its AI-powered High Touch Support (HTS) tool that exposed over 20,000 Instagram accounts to unauthorized access. The flaw allowed third parties to exploit the system, receiving password reset links meant for the actual account holders when incorrect email addresses were provided. Meta has since disabled the HTS tool, invalidated existing password reset links, and implemented security checks to prevent similar incidents. Affected users were urged to reset their passwords and enable two-factor authentication.
Meta patches bug that sent Instagram reset links to wrong users
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Instagram recovery bug lets attackers hijack 20k accounts
securityonline.info
-
Meta patches bug that sent Instagram reset links to wrong users
www.infosecurity-magazine.com
-
Meta Support Bot Gives Hackers Access to Instagram Accounts
malwarebytes.com
-
Meta shuts AI recovery tool after 20k Instagram accounts hacked
securityweek.com
-
Hackers exploit AI bot to hijack Instagram accounts via reset
-
Meta AI chatbot flaw hijacks Instagram accounts, White House hit
securityaffairs.com
-
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
databreaches.net
-
Meta AI recovery flaw lets hackers hijack Instagram accounts
-
Hackers hijack Instagram accounts using Meta AI chatbot exploit
arstechnica.com
-
Instagram Accounts Hijacked Via Meta AI Support Flaw
krebsonsecurity.com