Meta wanted to make support for Facebook and Instagram easier with AI. Now, security researchers and hackers report that attackers were apparently able to take over foreign Instagram accounts – including the account of Barack Obama’s former.
Meta’s new AI support as the root of the problem: In March 2026, Meta presented its plans to integrate artificial intelligence much more into Facebook and Instagram. The AI was supposed to do more than just answer questions; it was to take on specific tasks in customer support. (via Meta press release)
In the official blog post, Meta explained that users would receive help with security issues, password changes, and account recovery in the future. The company talked about “solutions instead of just suggestions” and announced that the AI could even recognize unusual activities before they become a security problem.
The goal was clear: less waiting time in support and at the same time more security for users. Unfortunately, exactly what the AI should have better protected against has now happened – and in the simplest way imaginable.
A simple question is enough
How could hackers use the AI support against Meta? As the US investigative medium 404 Media reports, videos and instructions circulated in Telegram groups showing a very simple attack.
According to this, attackers initially initiated a password reset for a target account. They then contacted Meta’s AI support and asked it to change the registered email address of the account.
The chatbot is said to have then sent a confirmation code to the hacker’s email address. With this code, they were able to reset the password and take control of the account. The basis for the request to function at all was probably the creation of an active VPN connection of the respective target account, as reported by the Guardian.
The actual attack did not consist of really cracking a technical protection measure. Instead, the AI supposedly performed an action that it should have simply refused to do.
Which accounts were affected? One of the most well-known victims is said to be the Instagram account of former US President Barack Obama. This is not Barack Obama’s private account but the official Instagram presence of the White House during his term.
The US celebrity and news platform TMZ reported at the end of May 2026 that unknown individuals had taken control of the account and published foreign content there. According to the report, Meta later confirmed that the account had been compromised and was now secured again.
In addition to the former White House account, according to 404 Media and other reports, several other prominent accounts were reportedly affected, including the cosmetics company Sephora and accounts related to the US military.
Has Meta closed the security gap in the meantime? According to Meta, yes. The company stated to the Guardian that the problem has now been resolved and that they are working to further secure affected accounts. Tech channels on Telegram have also recently reported that the method no longer works. (404 Media)
What do you think? Should AI applications be used in customer support? What experiences have you had with chatbots so far? Let us know in the comments.
Artificial intelligence as a replacement for human employees and problem solvers is not always a good idea. To make it better and avoid stupid mistakes like here, Zuckerberg and Meta, the company behind Facebook, want to create a personal superintelligence. Their biggest trump card: The personal data of users.
Your opinion is important to us!
Do you like the article? Then let us know!