Instagram AI Support Chatbot Flaw Enables Credential Hijacks of High‑Profile Accounts

Attackers leveraged Meta’s AI‑powered support chatbot to reset Instagram passwords and add attacker‑controlled email addresses, hijacking accounts—including the Obama White House and a U.S. Space Force profile—without needing victim email access. The breach underscores AI‑driven support as a new attack surface for third‑party risk.

LiveThreat™ Intelligence · June 03, 2026 · securityaffairs.com

Severity: High · Type: Breach · Confidence: High · Affected: 3 sector(s) · Actions: 4 recommended · Source: securityaffairs.com

What Happened — Attackers abused Meta’s AI‑powered support chatbot to reset Instagram passwords and inject attacker‑controlled email addresses, hijacking accounts without ever accessing the victims’ email inboxes. The vulnerability was demonstrated on several accounts, including the dormant Obama White House Instagram profile and the account of a U.S. Space Force senior official, before Instagram issued a fix.

Why It Matters for TPRM

  • AI‑driven support functions can become a low‑complexity attack surface, exposing third‑party SaaS users to credential takeover.
  • Compromised social‑media accounts can be weaponized for disinformation, brand damage, and indirect leakage of sensitive organizational content.
  • The incident highlights the need to evaluate vendor controls around AI‑assisted workflows, MFA enforcement, and rapid patch management.

Who Is Affected — Social‑media platforms, government agencies, defense organizations, NGOs, and any enterprise that relies on Instagram for public outreach or brand presence.

Recommended Actions

  • Verify that all Instagram‑linked accounts enforce strong, unique passwords and multi‑factor authentication (MFA).
  • Monitor for anomalous password‑reset requests and unexpected email address changes.
  • Request from Meta a post‑mortem detailing the AI‑chatbot flaw, remediation steps, and future hardening plans.
  • Update third‑party risk questionnaires to include AI‑support security controls and incident‑response capabilities.

Technical Notes — The attack leveraged a flaw in the AI support workflow that allowed a user to request a password reset, then command the chatbot to add a new email address to the target account. No malware, stolen credentials, or zero‑day exploit was required; the technique relied on VPN‑based location spoofing and social engineering of the AI assistant. No CVE has been published. Data exposed includes account credentials and any content posted during the hijack period. Source: SecurityAffairs
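
One way to act on the monitoring recommendation above and on the reset-then-add-email sequence described in the Technical Notes, as an added example that is not part of the original brief or of any Meta tooling. The normalized event feed, its field names, the trusted domain and the 30-minute window are assumptions, and all sample events are constructed.

```python
from datetime import datetime, timedelta

# Assumptions (not from the brief): a normalized feed of account-security
# events, e.g. parsed from the platform's notification emails, and a list of
# organization-owned email domains. All sample values are constructed.
TRUSTED_EMAIL_DOMAINS = {"agency.example"}
RESET_WINDOW = timedelta(minutes=30)

SAMPLE_EVENTS = [
    {"ts": "2026-06-01T09:00:00", "account": "agency_press", "type": "password_reset_requested"},
    {"ts": "2026-06-01T09:04:00", "account": "agency_press", "type": "email_added", "email": "ops@mailbox.example"},
    {"ts": "2026-06-01T10:00:00", "account": "brand_main", "type": "email_added", "email": "social@agency.example"},
    {"ts": "2026-06-01T11:00:00", "account": "brand_main", "type": "password_reset_requested"},
    {"ts": "2026-06-01T13:30:00", "account": "brand_main", "type": "email_added", "email": "new@other.example"},
]


def find_takeover_signals(events, trusted_domains=TRUSTED_EMAIL_DOMAINS, window=RESET_WINDOW):
    """Flag email addresses added from outside the trusted domains.

    Severity is "high" when the addition follows a password-reset request on
    the same account within `window` (the reset-then-add-email sequence),
    otherwise "medium". Login location is deliberately not a signal: the
    technique relied on VPN-based location spoofing, so geography can look normal.
    """
    last_reset = {}  # account -> time of most recent reset request
    alerts = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["ts"])):
        ts = datetime.fromisoformat(ev["ts"])
        account = ev["account"]
        if ev["type"] == "password_reset_requested":
            last_reset[account] = ts
        elif ev["type"] == "email_added":
            domain = ev["email"].rsplit("@", 1)[-1].lower()
            if domain in trusted_domains:
                continue  # address belongs to the organization
            reset_ts = last_reset.get(account)
            chained = reset_ts is not None and ts - reset_ts <= window
            alerts.append({
                "account": account,
                "email": ev["email"],
                "severity": "high" if chained else "medium",
                "minutes_since_reset": None if reset_ts is None
                else int((ts - reset_ts).total_seconds() // 60),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_takeover_signals(SAMPLE_EVENTS):
        print(alert)
```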

Original Source
https://securityaffairs.com/193034/hacking/instagram-account-hijacks-expose-the-security-risks-of-ai-powered-support.html

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.
