You changed your password. You enabled two-factor authentication. You haven't clicked a suspicious link in years. And yet, over the last weekend of May 2026, thousands of Instagram users — including verified accounts and high-profile handles — had their accounts taken over without a single phishing email or data breach.
The culprit? Meta's own AI support chatbot. And what makes this story more alarming than a typical hack is how simple the attack was: the hackers didn't break through a wall. They just knocked — and the bot let them straight in.
How the Attack Actually Worked
Security journalist Lorenzo Franceschi-Bicchierai at TechCrunch documented the exploit in detail after videos of the attack went viral on X. Here is the step-by-step breakdown every Instagram user — especially business owners — needs to understand:
- The hacker connected through a VPN set to the geographic location of the target's Instagram account, satisfying the platform's automated location-based security checks.
- They opened a chat with Meta's AI Support Assistant — the AI-powered help bot Meta introduced to handle account recovery requests at scale.
- The hacker told the bot they were the account owner and asked it to add a new email address to the account — an email address the hacker controlled.
- The bot sent a verification code directly to the hacker's email. The hacker shared that code back with the bot, which then displayed a "Reset Password" button.
- The hacker set a new password, locked the legitimate owner out, and took complete control of the account.
Who Got Hit
The compromised accounts were not random. They included the Instagram handle for the Obama-era White House — dormant since 2017 — and the personal account of the U.S. Space Force's chief master sergeant John Bentivegna. Security researcher Jane Wong, who has broken major tech stories for years, also confirmed her account was taken over and said: "The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday. Quite concerning."
Beyond the high-profile names, hackers were specifically targeting short, memorable Instagram usernames — handles that carry resale values of hundreds of thousands of dollars on grey-market username exchanges. These attacks were targeted, deliberate commercial operations.
The Core Vulnerability: AI That Trusts Too Much
This exploit exposed a fundamental tension in deploying AI for customer support: AI assistants are designed to be helpful and frictionless. They resolve issues quickly without making users jump through excessive hoops. In this case, that helpfulness became a weapon.
The bot had no way to verify that the person in the chat was who they claimed to be, and it never demanded proof beyond what an attacker could easily fake. The verification code it sent went to the address the requester had just supplied, so entering it proved control of that new mailbox, not ownership of the account. This is what cybersecurity professionals call a "social engineering" attack, but directed at an AI rather than a human. It turns out AI systems can be manipulated the same way humans can: by telling them a convincing story.
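The gap can be shown as an authorization check that a support assistant's account-changing actions pass through. This is an added example, not Meta's code: the names `Account`, `ChatSession`, `flawed_authorize` and `hardened_authorize` are hypothetical, the sample addresses are constructed, and the 72-hour hold on newly added contacts is an assumed policy value.

```python
from dataclasses import dataclass, field

HOLD_SECONDS = 72 * 3600  # assumed cooling-off period for newly added contacts


@dataclass
class Account:
    enrolled: dict  # contact address -> epoch seconds when it was added


@dataclass
class ChatSession:
    proved: set = field(default_factory=set)  # addresses whose code was echoed back


def flawed_authorize(action, account, session, target, now):
    # The flow the article describes: a code sent to the requester's own new
    # address counts as identity proof, so any requester passes.
    return target in session.proved


def hardened_authorize(action, account, session, target, now):
    # Only contacts on file longer than the hold period count as the owner's.
    trusted = {addr for addr, added in account.enrolled.items()
               if now - added >= HOLD_SECONDS}
    owner_proved = bool(trusted & session.proved)
    if action == "add_email":
        # Control of the new address is necessary but never sufficient.
        return owner_proved and target in session.proved
    if action == "reset_password":
        # Reset only via a trusted contact, never via one added minutes ago.
        return owner_proved and target in trusted
    return False  # default deny for any action the policy does not name


def demo():
    now = 1_000_000_000  # constructed timestamp
    account = Account(enrolled={"owner@example.com": now - 10 * HOLD_SECONDS})
    impostor = ChatSession(proved={"new@example.net"})  # verified only their own address
    owner = ChatSession(proved={"owner@example.com", "second@example.com"})
    return {
        "flawed_impostor": flawed_authorize("add_email", account, impostor, "new@example.net", now),
        "hardened_impostor": hardened_authorize("add_email", account, impostor, "new@example.net", now),
        "hardened_owner": hardened_authorize("add_email", account, owner, "second@example.com", now),
    }


if __name__ == "__main__":
    print(demo())
```

The check lives outside the conversation, so nothing the requester says to the bot changes its outcome.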
Meta's Response
By Monday, June 2, Instagram spokesperson Andy Stone confirmed the issue had been resolved. Meta pushed an emergency patch and clarified that no back-end database was breached — meaning private messages, account data, and payment information were not exposed. Accounts that were hijacked began receiving recovery instructions from Instagram directly.
Meta has not disclosed the total number of accounts compromised, nor confirmed whether the AI support chatbot's ability to change account email addresses has been permanently restricted or only temporarily disabled while additional safeguards are built.
Why Every Nigerian Business Using Instagram Needs to Pay Attention
Instagram is not just a social network in Nigeria — it's a primary storefront for thousands of fashion brands, food businesses, tech startups, and service providers. Losing access to a verified account with tens of thousands of followers can mean losing income overnight. Account hijackings of this type are not unheard of in the Nigerian market, and this exploit gave hackers a significantly easier path to execute them at scale.
More broadly, this attack signals a new era of AI-targeted cybercrime. As businesses deploy AI tools for customer service, account management, and operations, those same tools become attack surfaces. Your AI assistant is not just a productivity tool anymore — it is also a potential entry point for adversaries who know how to talk to it.
What You Should Do Right Now
- Review your Instagram account's linked email addresses and remove any you don't recognise — go to Settings → Account → Personal Information.
- Enable login activity alerts so you're notified immediately of any new logins or account changes in real time.
- Train your social media team to treat any unexpected account change notification as suspicious until verified through official Instagram support channels — never through a chatbot.
- Apply for Meta Verified or Meta Business Suite protections for your brand account to access higher-tier account recovery options not available to standard users.
The lesson here is not that AI is dangerous — it's that every AI system, like every human system, has blind spots. Attackers will find them faster than developers can patch them. Is your business's Instagram presence protected against the next wave of AI-targeted account attacks?
Originally featured on TechCrunch




