ATTACKERS exploited Meta's AI-powered support chatbot to hijack Instagram accounts by resetting passwords without needing access to victims' email inboxes. This issue impacted several accounts, including notable ones like the Obama White House account, highlighting the vulnerability in automated support systems. The exploit involved tricking the chatbot into associating a new email address with the target account during the password recovery process.
Security experts noted that multi-factor authentication could have prevented these attacks. The incident raises concerns over the security implications of AI in customer support, particularly regarding sensitive account management tasks.