Dexerto
Hackers reportedly hijacked several high-profile Instagram accounts by tricking Meta’s own AI support chatbot into giving them access.
According to reports, attackers were able to take over Instagram accounts by asking Meta’s AI Support Assistant to change the email address linked to a target’s profile.
The method was shockingly simple. A hacker would use a VPN to spoof the victim’s location, then ask the chatbot to add a new email address to the account. Once the chatbot sent a verification code to the attacker’s email, they could provide that code back to the bot and reset the password.
The attack did not require hackers to access the victim’s actual email account. All they needed was a gullible AI chatbot.
🚨 Instagram had an exploit that allowed you to use Meta AI to reset passwords to accounts with no MFA on them. The exploit was patched a short time ago.pic.twitter.com/PEUwLvmllj
— Dark Web Informer (@DarkWebInformer) June 1, 2026
Major Instagram accounts hacked after Meta chatbots give away logins
Several major Instagram accounts were reportedly affected, including the archived Obama White House account, Sephora’s account, and the account belonging to US Space Force Chief Master Sergeant John Bentivegna.
Security researcher Jane Manchun Wong also said her account was taken over, writing on X: “The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday. Quite concerning.”
The issue also affected smaller creators, including X user Korn, who said his Instagram account @korn was stolen overnight “via the Meta AI exploit” before being disabled.
“It was Meta Verified, facial scan verified, and had 0 TOS violations,” he wrote. “The account is the sole source of my income.”
my instagram (@ korn) was stolen overnight via the Meta AI exploit and was subsequently disabled.
it was Meta Verified, facial scan verified, and had 0 TOS violations.
the account is the sole source of my income.
i spent 6 hours trying to get human support and meta's support… pic.twitter.com/k5x846H8AG
— korn (@kornbuilds) June 1, 2026
Korn claimed he had the account because his name is “Kornel” and wasn’t impersonating the band of the same name. Furthermore, he said he spent six hours trying to reach human support, only for Meta’s support AI to give him multiple broken links.
Instagram testing paid subscription to let you anonymously watch Stories
Influencers take on AI deepfakes with their own creator protection agency
“We’re at the point where one AI stole it and another can’t fix it, zero humans in the loop anywhere,” he said.
Instagram spokesperson Andy Stone said in replies on X that the issue had been fixed. However, it remains unclear how many accounts were improperly accessed.
This isn’t the first time users have found a major exploit with chatbots. Earlier this year, an X user managed to trick Grok into sending around $200,000 worth of crypto using Morse code.
