Hackers have reportedly compromised over 20,000 Instagram accounts through a vulnerability in Meta’s AI support chatbot, as confirmed by the company in a notice to the state of Maine. The exploit stemmed from a bug that allowed attackers to bypass two-factor authentication by requesting password resets via the chatbot, leading to unauthorized access. Meta identified the incident on May 31 and claimed to have resolved it by June 1. The incident affected several notable accounts, including those of former President Barack Obama and the US Space Force Chief Master Sergeant. While the company stated it is uncertain whether personal data was accessed, it acknowledged that hijackers could have obtained sensitive information like email addresses and phone numbers. In response, Meta has disabled the AI support tool, fixed the bug, invalidated compromised password reset links, and enforced security checkpoints for affected accounts.
Why It Matters
This incident highlights the vulnerabilities that can exist within automated customer support systems, particularly those relying on AI. That hackers were able to exploit such weaknesses raises concerns about data security and user privacy on major social media platforms. Previous breaches have demonstrated the significant risks associated with inadequate verification processes, which can lead to widespread account takeovers and potential data leaks. As technology continues to advance, companies must prioritize robust security measures to safeguard user information against increasingly sophisticated cyber threats.
