Meta AI and security: accounts stolen through password reset links without 2FA
A vulnerability in Meta's AI-powered support feature allowed cybercriminals to obtain password reset links for Instagram accounts by bypassing two-factor authentication (2FA).

Security flaw in Meta AI support feature
A vulnerability during the testing phase of Meta’s AI-based support tools may have allowed cybercriminals to compromise more than 100 Instagram accounts, including high-value profiles.
The case, which emerged in recent hours through online reports and specialized channels, reignites the debate on the security of automated systems and the integration of AI into critical services. According to reconstructions, the issue involved an experimental AI-powered customer support function, active only for a limited group of users and, in some cases, one that users could not disable themselves. This testing phase likely made it harder to detect the vulnerability promptly.
The attack mechanism
The method used by hackers appears to have been surprisingly simple.
Attackers, using a VPN to simulate a geographic connection close to the victim, contacted Meta’s AI assistant while posing as the legitimate account owners.
According to reports:
The AI was tricked into sending a verification code to an email address controlled by the attacker.
The code was then provided back to the assistant.
The system generated a password reset link without further verification.
The critical issue, according to experts, was the lack of robust identity checks: no document requests, no human intervention, and no mandatory multi-factor authentication in this specific flow.
“It’s a classic case of a logical flaw, not a technical one,” cybersecurity analysts explain. “The system worked as designed, but the design itself did not include adequate safeguards against malicious use.”
Victims and warning signs
Several reports indicate that affected users were suddenly logged out of their accounts, with passwords changed without any email, SMS, or push notification.
A particularly concerning element is the absence of alerts: under normal conditions, credential changes trigger a series of security notifications. In this case, however, the AI-managed flow appears to have bypassed or failed to activate these mechanisms.
According to unofficial sources, more than 100 accounts were compromised, many belonging to creators, brands, or profiles with high commercial value. The exact number and claims of “hundreds” of accounts have not yet been independently confirmed by Meta or official security sources.
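The three design gaps the article describes (a verification code sent to whatever address the requester names, a reset link issued on that code alone, and no security notification when the password changes) can be made concrete by modelling the recovery flow in code. The following is an added example, not part of the original article and not Meta's code: a toy in-memory account store with the weak flow beside a hardened one that sends the code only to the contact on file, requires a second factor when one is enrolled, and records every outcome as a user-facing alert. The account names, addresses, reset URL and HOTP secret are constructed placeholders; the second factor is plain RFC 4226 HOTP so the example runs deterministically offline.

```python
import hashlib
import hmac
import secrets
import struct
from dataclasses import dataclass, field
from typing import Optional


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10**digits:0{digits}d}"


@dataclass
class Account:
    username: str
    email: str                               # recovery contact registered at enrolment
    second_factor: Optional[bytes] = None    # HOTP secret; None means 2FA not enrolled
    hotp_counter: int = 0
    pending_code: Optional[str] = None
    code_destination: Optional[str] = None
    notifications: list = field(default_factory=list)  # alerts the owner would receive


def issue_code() -> str:
    return f"{secrets.randbelow(10**6):06d}"


def reset_link(acct: Account) -> str:
    # Placeholder URL; a real link would carry a short-lived, single-use token.
    return f"https://reset.example.invalid/{acct.username}/{secrets.token_urlsafe(16)}"


# --- weak flow: the design the article describes ---------------------------

def weak_request_reset(acct: Account, requested_email: str) -> str:
    """Trusts the requester's claimed contact address and raises no alert."""
    acct.pending_code = issue_code()
    acct.code_destination = requested_email   # may be an inbox the requester controls
    return acct.code_destination


def weak_confirm_reset(acct: Account, code: str) -> Optional[str]:
    """A correct code alone yields a reset link; 2FA and notifications are skipped."""
    if acct.pending_code and hmac.compare_digest(code, acct.pending_code):
        acct.pending_code = None
        return reset_link(acct)
    return None


# --- hardened flow ---------------------------------------------------------

def safe_request_reset(acct: Account, requested_email: str) -> str:
    """Ignores the caller-supplied address: the code goes only to the contact on
    file, and the owner is told that a recovery was started."""
    acct.pending_code = issue_code()
    acct.code_destination = acct.email
    acct.notifications.append("password reset requested; code sent to contact on file")
    return acct.code_destination


def safe_confirm_reset(acct: Account, code: str,
                       second_factor_code: Optional[str] = None) -> Optional[str]:
    """Requires the emailed code AND, when enrolled, a valid HOTP; every outcome
    is recorded as a notification. (A real service would also rate-limit.)"""
    if not acct.pending_code or not hmac.compare_digest(code, acct.pending_code):
        acct.notifications.append("failed password reset attempt")
        return None
    if acct.second_factor is not None:
        expected = hotp(acct.second_factor, acct.hotp_counter)
        if second_factor_code is None or not hmac.compare_digest(expected, second_factor_code):
            acct.notifications.append("password reset blocked: second factor missing or invalid")
            return None
        acct.hotp_counter += 1          # each HOTP value is single-use
    acct.pending_code = None
    acct.notifications.append("password reset link issued")
    return reset_link(acct)


def demo() -> dict:
    """Runs both flows for a 2FA-enrolled account whose requester names an
    address that is not the one on file (constructed scenario)."""
    secret = b"12345678901234567890"   # RFC 4226 test-vector key, placeholder only
    weak = Account("creator_1", "owner@example.invalid", secret)
    weak_dest = weak_request_reset(weak, "other@example.invalid")
    weak_link = weak_confirm_reset(weak, weak.pending_code)   # code alone suffices

    hard = Account("creator_1", "owner@example.invalid", secret)
    safe_dest = safe_request_reset(hard, "other@example.invalid")
    blocked = safe_confirm_reset(hard, hard.pending_code)     # no second factor
    allowed = safe_confirm_reset(hard, hard.pending_code, hotp(secret, 0))
    return {
        "weak_dest": weak_dest, "weak_link": weak_link, "weak_alerts": list(weak.notifications),
        "safe_dest": safe_dest, "blocked": blocked, "allowed": allowed,
        "safe_alerts": list(hard.notifications), "counter": hard.hotp_counter,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Running `demo()` shows the contrast the article draws: the weak flow sends the code to the requester's chosen address and hands out a link with an empty notification list, while the hardened flow sends only to the registered contact, refuses the reset until the second factor is presented, and leaves an alert trail at every step. The `hotp` helper can be checked against the RFC 4226 vectors (counter 0 gives 755224, counter 1 gives 287082).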
Spread in criminal networks
By the time the vulnerability became public, the method was already circulating in certain Telegram channels frequented by cybercriminals. Detailed instructions on how to replicate the attack were reportedly shared, making it accessible even to individuals with limited technical skills.
This highlights a now well-established dynamic: the speed at which exploits and attack techniques spread online often outpaces countermeasures.
Meta’s response
Meta has fixed the vulnerability and stated that it was not a direct breach of its systems, but rather a malfunction in the AI-linked account recovery flow.
At present, however, there are no detailed official communications confirming all aspects of the incident or the exact number of affected accounts.
The company has previously faced criticism related to security and automated support processes, and this episode could renew regulatory pressure, especially in Europe.
The Obama case
Among the hypotheses circulating online, some link this technique to a recent alleged attack involving profiles associated with former President Barack Obama. However, there is currently no official confirmation or independent forensic analysis connecting that case to the described vulnerability.
AI and security: a delicate balance
The case raises a broader issue: the integration of artificial intelligence into support and security systems.
While AI can scale assistance and improve user experience, it also introduces new risk vectors:
Automation of sensitive processes.
Potential manipulation through deceptive prompts.
Reduced human oversight in critical checks.
“Security cannot be an afterthought,” analysts emphasize. “It must be designed alongside the system, especially when AI is involved.”
How to protect yourself
Even though the vulnerability appears to have been fixed, the case offers useful guidance for users:
Always enable two-factor authentication.
Monitor suspicious logins and security notifications.
Use a unique email address for the account and a strong, unique password.
Be wary of unusual account recovery requests.
A wake-up call for the industry
This episode serves as a clear signal for the entire tech ecosystem: the adoption of artificial intelligence must be accompanied by rigorous security controls.
AI is a powerful resource, but without careful implementation, it can become a multiplier of vulnerabilities. In a context where cyberattacks are increasingly sophisticated, even a seemingly “simple” flaw can have large-scale consequences.