Meta confirms 1000s of Instagram accounts were hacked by abusing its AI chatbot
speckx
518 points
188 comments
June 06, 2026
Discussion Highlights (20 comments)
toomuchtodo
https://www.documentcloud.org/documents/28202858-meta-ai-ag-... https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2...
Cyan488
> "The tool itself worked properly and functioned as intended; however due to a bug in a separate code path, the system did not properly verify that the email address provided by the individual requesting a password reset matched the email address associated with that user’s Instagram account," said Meta in its breach notice.
I'm not sure "worked properly" and "as intended" accurately describe this situation.
loloquwowndueo
This was on Hacker News a few days ago (https://news.ycombinator.com/item?id=48359102) - description of the “hack”, not the cockamamie confirmation by Meta.
rvz
If this was a bank that had zero humans and the AI chatbot was abused to hand over sensitive information about their customers which led to this disaster, people would never trust their bank ever again and leave. Meta believes that they can vibe-code their reputation down the drain by removing humans in the loop. Applying a technical solution to a social problem almost always ends in disasters like this. Reputation can’t be vibe-coded.
cyanydeez
"abusing" by using its built-in insecurity to do insecure things. It's like, people abusing an open door. "Guys, just because we left the door open to your bedroom doesn't mean we're responsible". God can only hope this is a business-ending lawsuit.
phyzome
Corrected headline: "Meta confirms 1000s of Instagram accounts were hacked due to their insecure AI chatbot".
jhhh
Why was 'can a user request a different email' not literally the first test that comes to mind when making something like this? Do they not test anything because the scale is too big?
webbdev
Meanwhile an account I created for a new product was permanently disabled by an automated system with no path for me to appeal to a human. (If anyone at Meta/Instagram sees this I wrote a brief blog post with the details. Please help! https://addisonwebb.com/blog/2026-06-05-Can%20Someone%20at%2... )
Havoc
> AI-assisted account recovery system
oh no...Meta what are you doing
_RPM
Probably some product manager pushed back on security considerations raised by engineers.
whirlwin
I got a suspicious password reset request email today from Meta but it landed in my inbox. Luckily I have MFA and after checking audit logs inside IG upon logging in, I did not see anything suspicious.
zahirbmirza
And who said cameras linked to Meta in their glasses were a good idea?
dwa3592
I really hope this accelerates Meta's decline. The world will adapt just fine without social media.
pluc
By "abusing" they mean "using"
johnyzee
"Meta notified at least 20,225 people that their accounts had been compromised. [...] The compromises allowed the hackers to take over the person's entire Instagram and any linked accounts, including obtaining contact information, dates of birth, and profile information, as well as the ability to access the person's posts, direct messages, and account activity [...] the hacks began around April 17 and lasted until this week [...]" This is staggering.
dansquizsoft
You only have to look at both the ridiculously terrible "Q&A chatbot" that is in Facebook under some posts (do they still have this?) and the fact that their system can't tell the difference between an inappropriate and a non-inappropriate comment most of the time to understand just how far behind Meta is in AI...
Fairburn
Are we winning yet?
paulpauper
Imagine how much $ ppl could have made hijacking famous accounts to promote crypto or other crap. I wonder how often this happened.
empiree
Yet another reminder that most of these chatbots get shipped way before they're ready. Loud marketing, security treated as an afterthought, all to ride the AI hype. LLMs open up a whole new attack surface and a lot of teams still treat prompt injection like a fun edge case. This is what happens when you ship the demo instead of the product.
alvis
How on earth would a password reset API take both email address and account ID as parameters? The chat bot is fine. I bet the issue is the API written by AI.