Meta’s AI Support Bot Compromised 20K Accounts

AI chatbot flaw let attackers reset passwords for 20,225 Instagram users without proper email verification

By Al Landes

Image: Meta

Key Takeaways

  • Hackers exploited Meta’s AI support bot to compromise 20,225 Instagram accounts
  • Two-factor authentication largely protected accounts against the password-reset attack
  • Meta disabled High Touch Support system after discovering verification bug

Instagram’s automated customer service turned into a security nightmare, compromising over 20,000 accounts through a verification bug that even Meta’s engineers missed. Meta recently disclosed that hackers exploited their AI-powered customer support system to affect 20,225 Instagram accounts—a reminder that “smart” automation doesn’t always mean “secure” automation.

The AI Backdoor That Shouldn’t Have Existed

Meta’s High Touch Support system failed to verify email addresses during password resets.

The attack targeted Meta’s High Touch Support, an AI-assisted chatbot designed to help users recover locked Instagram accounts. Here’s where things went sideways: the system had a verification bug that sent password reset links to email addresses that weren’t actually connected to the target accounts.

Imagine ordering food delivery, and the restaurant just hands your order to whoever asks for it—that’s essentially what happened here. Hackers discovered they could manipulate the AI assistant into triggering these faulty resets, effectively compromising accounts without knowing the original passwords or security questions.

The technique reportedly worked best when combined with VPNs to mask suspicious locations, turning Meta’s helpful bot into an unwitting accomplice.

Two-Factor Authentication Saved the Day

Accounts with 2FA enabled largely resisted the attack method.

The silver lining in this security mess? Two-factor authentication proved its worth once again. Security reports indicate that accounts with 2FA enabled were significantly more protected against this particular attack vector.

While hackers could trigger password resets, they still needed that second authentication factor to actually access the accounts. This reinforces a fundamental truth about digital security: your phone number or authenticator app remains your best defense against automated attacks, even sophisticated ones that fool AI systems.
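As an added illustration (not Meta's code, which is not public; the account store, user ids, addresses and the 2FA flag are constructed), a minimal model of the verification gap described above beside a hardened flow that mails a link only to the address already verified on the account and still demands the second factor before the reset grants access:

```python
import secrets

# Constructed account store (not Meta's data): the only address a reset
# link may ever go to is the one the account already verified.
ACCOUNTS = {
    "u1": {"verified_email": "owner@example.com", "totp_enabled": True},
    "u2": {"verified_email": "other@example.com", "totp_enabled": False},
}
RESET_TOKENS = {}  # token -> user_id; single-use, consumed on redemption


def issue_reset_flawed(user_id, requested_email):
    """Models the gap the article describes: the support flow trusts the
    address the requester gives and mails the reset link there, so the
    link can land in a mailbox never connected to the account."""
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[token] = user_id
    return requested_email, token  # (where the link was sent, token)


def issue_reset_hardened(user_id, requested_email):
    """Hardened flow: the requested address is only a hint. The link goes
    to the verified address on file, and only if the two match;
    otherwise nothing is sent and the caller learns nothing either way."""
    acct = ACCOUNTS.get(user_id)
    if acct is None:
        return None
    if acct["verified_email"].lower() != requested_email.strip().lower():
        return None
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[token] = user_id
    return acct["verified_email"], token


def finish_reset(token, totp_passed):
    """Redeem a link. Even when the link reached the wrong mailbox, an
    account with a second factor still does not hand out a session
    until that factor is presented, which is what blunted this attack."""
    user_id = RESET_TOKENS.pop(token, None)  # consume: no replay
    if user_id is None:
        return "invalid_token"
    if ACCOUNTS[user_id]["totp_enabled"] and not totp_passed:
        return "second_factor_required"
    return "password_reset"
```

A production version would also expire tokens and rate-limit requests per account; both are omitted here to keep the contrast between the two issue paths visible.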

Meta’s Damage Control Response

The company disabled the vulnerable system and implemented mandatory security checkpoints.

Once Meta identified the exploit, they moved quickly to contain the damage. The High Touch Support system was immediately disabled, passwords were reset for all affected accounts, and impacted users were forced through mandatory security checkpoints requiring re-authentication.

Meta confirmed to the Maine Attorney General that while there’s no evidence of data exfiltration, the account access could have exposed direct messages, contact information, posts, and connected services.

The company plans to fix the verification bug before relaunching the tool, and to review similar account-recovery flows across all its platforms. This incident highlights a crucial blind spot in AI deployment: automated systems handling privileged actions like password resets need bulletproof verification, not just conversational intelligence.
