Hackers used Meta AI to expose over 34,000 Instagram accounts, but Meta isn't slowing down

A few days ago, we reported on how Meta’s growing reliance on AI-powered support tools had seemingly opened the door to a new kind of security problem. Now, a fresh report from The New York Times suggests the issue may have been far more widespread than initially understood, affecting around 34,000 Instagram users. Of those, roughly 20,000 accounts were allegedly compromised, exposing personal information such as email addresses, phone numbers, and birth dates, while thousands more had their usernames changed or temporarily lost control of their profiles.

Unlike many account breaches that rely on stolen passwords, phishing emails, or malware, this incident appears to have stemmed from something far more mundane: an automated support workflow that could be manipulated into performing actions it wasn’t supposed to.

Attackers were able to convince Meta’s AI support chatbot to replace the email address associated with a target Instagram account. Once the new email was linked, the attackers could request a password reset and gain control of the profile.

Several high-profile accounts were affected by the breach, including businesses, public figures, and government-linked organizations. Some hijacked profiles were later used to publish unauthorized posts before Meta stepped in and restored access.

Meta has reportedly attributed the issue not to the AI model itself but to weaknesses in the verification systems surrounding it. That’s an important distinction. The chatbot wasn’t independently deciding to hand over accounts. Instead, it was operating within a recovery process that appears to have lacked sufficient safeguards to stop abuse.

Still, the incident highlights a growing concern as tech companies rush to automate customer support. AI is increasingly being trusted with tasks that were once handled by human agents, from resetting passwords to verifying identities. While that can make support faster and more accessible, it also means a single flaw can be repeated thousands of times before anyone notices.

Imagine a support representative who mistakenly approves a fraudulent account recovery request — that’s a problem. Now imagine that same mistake being made automatically, around the clock, for anyone who discovers the right prompt. That’s the risk companies face when security checks fail to keep pace with automation.

Meta says it is conducting a “comprehensive review” to identify and address additional security issues, and is notifying affected users and regulators.

The incident is another reminder that the biggest risks associated with AI aren’t always the models themselves, but the systems built around them. Despite a breach that reportedly affected tens of thousands of Instagram users, Meta isn’t hitting the brakes on its AI ambitions.

Internal documents cited by the New York Times suggest the company paused only the specific Instagram password recovery experiment linked to the incident, while leaving its broader AI-powered support initiatives intact. The same documents indicate employees were already discussing how to handle similar breaches going forward. If anything, Meta seems to view these failures as problems to fix along the way rather than reasons to slow its rollout.