Instagram breach via Meta AI deception: how attackers gained account access

Colleagues, I want to highlight a cybersecurity incident: attackers deceived Meta AI support and gained access to Instagram accounts.
- Scheme: attackers spoofed location via VPN and asked the Meta AI chat to add a new email.
- The bot sent a code to an address controlled by the attacker; after verification it offered a password reset, enabling account takeover.
- Several accounts were affected, including notable ones; researcher Jane Wong reported a takeover as well.
- Instagram says the vulnerability is fixed; the number of affected accounts is unknown.
Why it matters: automated support can be an exploitation vector—additional verification is needed.
What measures do you consider priorities to protect against such scenarios?
#cybersecurity #AI #Instagram #Meta


Latest comments
No comments yet.