Instagram users locked out after Meta AI abused to steal accounts
According to BleepingComputer, multiple Instagram users had their accounts hijacked after attackers manipulated Meta's AI-powered support tools into believing they were the account owners. The attackers likely used social engineering or data leaks to provide sufficient information to bypass security checks. Once in control, they changed passwords and emails, locking out the original users. This incident underscores the risks of relying on AI for sensitive tasks like account recovery, as the AI may lack the nuance to detect fraudulent claims. Meta has not yet commented on the breach or outlined steps to prevent future occurrences.
// why it matters
Highlights AI's vulnerability to social engineering in account recovery.