
Meta’s AI Chatbot Hack: 20,000 Instagram Accounts Compromised

  • Instagram accounts hacked via Meta’s AI chatbot totalled at least 20,225, confirmed in a Maine attorney general filing.
  • Instagram accounts hacked in this campaign lacked two-factor authentication, letting attackers redirect password reset codes to their own email.
  • The breach ran from approximately April 17 until Meta disabled the vulnerable chatbot code path this week.
  • Meta has now removed the account-reset functionality from the chatbot and is auditing its other AI tools across its platforms.

Instagram Accounts Hacked at Scale — Here’s What Meta Actually Confirmed

With Instagram accounts hacked in the thousands and a months-long window of exposure, Meta has finally put a number on one of the more embarrassing security incidents in the company’s recent history: at least 20,225 people had their Instagram accounts taken over after attackers found a way to abuse the platform’s own AI chatbot to force through unauthorised password resets. The figure comes from a data breach notification Meta filed late Friday with Maine’s attorney general’s office — one of those US state-level disclosures that often surfaces details companies would otherwise prefer to keep quiet.

Image: two screenshots side-by-side showing the Meta AI support assistant's password-reset prompt (credit: @oracles / X).

The breach was first reported by 404 Media and TechCrunch earlier this week, but Meta’s filing is the first time the company has officially quantified the damage. Thirty of those affected are Maine residents, but the geographic scope is clearly far wider. And while the number of Instagram accounts hacked — 20,000-plus — might sound modest compared to some of the headline-grabbing breaches of recent years — think the FTC’s $5 billion Facebook settlement over user data misuse — the nature of this particular compromise is what makes it stand out. This wasn’t a credential-stuffing attack or a phishing campaign. Hackers used Meta’s own AI infrastructure against its users.

The Bug That Made the Chatbot an Accomplice

The mechanics of the exploit are straightforward enough to be alarming. Meta operates an AI-assisted account recovery system for Instagram — a chatbot designed to help users who’ve been locked out of their accounts. Buried in the code supporting that system was a flaw that decoupled two things that should always be tightly coupled: the email address provided during a password reset request, and the email address actually registered to the account.

In Meta’s own words, from its breach notice: “due to a bug in a separate code path, the system did not properly verify that the email address provided by the individual requesting a password reset matched the email address associated with that user’s Instagram account.” The company clarified that the tool itself worked properly and functioned as intended; the failure was elsewhere in the pipeline. That’s a meaningful distinction, but it’s cold comfort for the tens of thousands of people whose Instagram accounts were taken from them in this campaign.

The practical result? An attacker could walk up to the chatbot, provide any Instagram username they wanted to target, supply their own email address, and receive a legitimate password reset link. The chatbot didn’t flag it. It didn’t reject the mismatch. It just sent the link. At that point, the attacker could set a new password and take over the account entirely — posts, direct messages, linked accounts, contact information, dates of birth, the lot.
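The two flows described above, modelled in Python as an added example (this is illustrative code, not Meta's implementation; the account store, field names, token TTL and the 2FA stand-in are assumptions). The vulnerable handler mails the reset link to whatever address the requester supplies, which is the decoupling the breach notice describes; the hardened handler only ever mails the address on file, compares the supplied address in constant time, returns the same response on every branch so callers cannot enumerate accounts, binds each token to one account, and makes 2FA accounts present their second factor before the password changes.

```python
import hmac
import secrets
import time

# Constructed sample account store (assumption: not Meta's data or schema).
# The 2FA flag is here because the article says 2FA-enabled accounts were not
# affected; "twofa_code" stands in for a TOTP or hardware-key verification.
ACCOUNTS = {
    "alice": {"email": "alice@example.com", "twofa": False},
    "bob": {"email": "bob@example.com", "twofa": True, "twofa_code": "123456"},
}

OUTBOX = []           # (recipient, token) pairs, standing in for the mailer
PENDING = {}          # token -> (username, expiry): binds each token to one account
TOKEN_TTL_SECONDS = 900
GENERIC = "if the details match an account, a reset link has been sent"


def _normalize(email):
    return email.strip().lower()


def _issue_token(username):
    token = secrets.token_urlsafe(32)
    PENDING[token] = (username, time.time() + TOKEN_TTL_SECONDS)
    return token


def request_reset_vulnerable(username, requester_email):
    """Models the flaw the article describes: the link is mailed to whatever
    address the requester typed, with no comparison against the account.
    Mirroring the incident, 2FA accounts are not reachable on this channel."""
    account = ACCOUNTS.get(username)
    if account is None:
        return "no such account"                  # also leaks account existence
    if account["twofa"]:
        return "use the 2FA recovery flow"
    token = _issue_token(username)
    OUTBOX.append((_normalize(requester_email), token))   # attacker-chosen destination
    return "reset link sent"


def request_reset_hardened(username, requester_email):
    """Hardened flow: the link only ever goes to the address on file, the
    requester-supplied address is compared in constant time and used for
    nothing else, and every branch returns the same string so the caller
    cannot enumerate accounts or learn the registered address."""
    account = ACCOUNTS.get(username)
    if account is None:
        return GENERIC
    registered = _normalize(account["email"])
    supplied = _normalize(requester_email)
    if not hmac.compare_digest(registered.encode(), supplied.encode()):
        return GENERIC
    token = _issue_token(username)
    OUTBOX.append((registered, token))            # never the supplied address
    return GENERIC


def complete_reset(token, new_password, second_factor=None):
    """Consumes a token once, within its TTL, and only for the account it was
    bound to. 2FA accounts must also present their second factor here; a
    missing or wrong factor still consumes the token (fail closed)."""
    entry = PENDING.pop(token, None)              # single use
    if entry is None:
        return None
    username, expiry = entry
    if time.time() > expiry:
        return None
    account = ACCOUNTS[username]
    if account["twofa"] and not (
        second_factor and hmac.compare_digest(account["twofa_code"], second_factor)
    ):
        return None
    account["password"] = new_password            # stand-in for storing a password hash
    return username


if __name__ == "__main__":
    print(request_reset_vulnerable("alice", "attacker@evil.test"), "->", OUTBOX[-1][0])
    OUTBOX.clear()
    print(request_reset_hardened("alice", "attacker@evil.test"), "->", OUTBOX)
```

Note that the hardened handler does not need the supplied address at all to deliver the link; it is kept only so the comparison Meta described has something to check, and it is never used as a destination.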

a photo of a set of keys left in a door lock, a visualization of a security vulnerability.

There was one meaningful barrier: two-factor authentication. Accounts with 2FA enabled were not vulnerable to this attack. Which means the campaign specifically and exclusively hit users who hadn’t switched it on — a significant population on any platform, and one that’s disproportionately at risk in scenarios exactly like this.

A Campaign That Ran for Months Undetected

According to Maine’s attorney general filing, the hacking campaign began around April 17. The number of Instagram accounts hacked grew steadily, and the campaign continued, uninterrupted, until earlier this week — a run of several months during which thousands of accounts were quietly being handed over to attackers. That timeline raises serious questions about Meta’s internal detection capabilities. A prolonged, systematic pattern of password resets being sent to mismatched email addresses feels like exactly the kind of anomaly that should trigger an alert. Apparently, it didn’t, or at least not quickly enough.
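The detection the paragraph above says should have existed, written out as an added example in Python (not Meta's tooling; the log format, field names, window and threshold are assumptions, and the log lines are constructed). It parses reset-request events, lists every reset delivered to an address other than the one on file, and separately flags any source that generated a burst of such mismatches inside a sliding window, which is the signature a campaign of this kind leaves.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample log lines for a hypothetical reset service. The field
# names are an assumption for this example, not Meta's logging format.
SAMPLE_LOG = """\
2025-04-17T09:00:01Z reset_request user=alice registered=alice@example.com dest=alice@example.com src=198.51.100.7 channel=ai_assistant
2025-04-17T09:00:05Z reset_request user=carol registered=carol@example.com dest=drop1@evil.test src=203.0.113.5 channel=ai_assistant
2025-04-17T09:00:09Z reset_request user=dave registered=dave@example.com dest=drop1@evil.test src=203.0.113.5 channel=ai_assistant
2025-04-17T09:00:14Z reset_request user=erin registered=erin@example.com dest=drop2@evil.test src=203.0.113.5 channel=ai_assistant
2025-04-17T09:01:30Z reset_request user=bob registered=bob@example.com dest=bob@example.com src=192.0.2.44 channel=web
2025-04-17T09:59:00Z reset_request user=frank registered=frank@example.com dest=drop2@evil.test src=203.0.113.5 channel=ai_assistant
2025-04-17T11:30:00Z reset_request user=grace registered=grace@example.com dest=oldmail@example.org src=192.0.2.99 channel=web
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) reset_request user=(?P<user>\S+) registered=(?P<registered>\S+) "
    r"dest=(?P<dest>\S+) src=(?P<src>\S+) channel=(?P<channel>\S+)$"
)


def parse_log(text):
    """Turns raw lines into event dicts; lines not in the assumed format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        e["mismatch"] = e["registered"].lower() != e["dest"].lower()
        events.append(e)
    return events


def find_mismatches(events):
    """Every reset delivered to an address other than the one on file. In a
    correctly built flow this list is always empty, so each entry is a
    finding in its own right, whatever its volume."""
    return [e for e in events if e["mismatch"]]


def find_bursts(events, window=timedelta(hours=1), threshold=3):
    """Sources with at least `threshold` mismatched resets inside any sliding
    `window`. Returns {src: peak count}; keying on the requesting source is
    what separates a campaign from a single user with a stale address."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["mismatch"]:
            by_src[e["src"]].append(e["ts"])
    flagged = {}
    for src, stamps in by_src.items():
        start = 0
        for end in range(len(stamps)):
            while stamps[end] - stamps[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[src] = max(flagged.get(src, 0), count)
    return flagged


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    for e in find_mismatches(evts):
        print("MISMATCH", e["ts"].isoformat(), e["user"], e["registered"], "->", e["dest"], e["src"])
    print("BURSTS", find_bursts(evts))
```

In the sample, the single mismatch from 192.0.2.99 is the kind of event a stale address on file produces and is worth a ticket, not a page; the four from 203.0.113.5 inside an hour are the campaign pattern and should page, and the same logic keyed on destination address would catch an attacker rotating source IPs but reusing drop mailboxes.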

Meta says it has now disabled the chatbot in question and stripped out the code path that enabled account resets through that channel. The company also says it is sweeping its other AI-powered tools across its platforms to check for similar issues. Whether that audit will surface anything else remains to be seen.

In the meantime, Meta instructed affected users to reset their passwords and re-authenticate through what it describes as “secure, verified channels.” Instagram reportedly began sending password reset notifications to impacted users earlier this week, though some users reported their accounts were still being actively compromised even as those notifications went out — a troubling overlap that suggests the fix wasn’t instantaneous.

The Timing Is Hard to Ignore

This breach lands at a particularly uncomfortable moment for Meta. The company has spent the past year loudly betting on AI — investing billions, rolling out Meta AI across its apps, and positioning itself as a serious rival to OpenAI and Google in the AI assistant space. At the same time, it has been cutting thousands of employees, including significant numbers in trust, safety, and infrastructure roles, while rewarding senior executives with expanded stock incentives. That combination — accelerated AI deployment, reduced headcount, and Instagram accounts hacked through an AI system — is going to be difficult for the company to contextualise in any way that doesn’t raise eyebrows.

It also feeds into a broader industry conversation that’s been simmering for a while: what happens when AI systems are given sensitive capabilities — like initiating account recovery flows — without the same rigorous security scrutiny applied to traditional software? The chatbot itself worked as designed. The failure was in the surrounding infrastructure. But the chatbot was still the attack surface. Giving an AI tool the keys to account authentication, without airtight verification at every stage of that pipeline, is a risk that this incident illustrates with painful clarity.

What Users Should Do Right Now

If you haven’t turned on two-factor authentication for your Instagram account, this is your reminder. Every case of Instagram accounts hacked in this campaign involved accounts that didn’t have it enabled. A hardware key, an authenticator app, or even SMS-based 2FA would have blocked this attack entirely. It’s one of those security fundamentals that gets repeated so often it starts to sound like noise — and then an incident like this comes along and proves it’s not.

Beyond 2FA, it’s worth checking which third-party apps and services are connected to your Instagram account and revoking anything you don’t recognise or actively use. If your account was one of the 20,225 Instagram accounts hacked in this breach, Meta says it has already notified you, but the company also acknowledges it’s “unaware” of precisely what personal information was accessed during the compromise — which is less than reassuring.

Meta hasn’t confirmed whether the attackers behind this campaign were operating for financial gain, using compromised accounts to run scams or resell access (a thriving underground market), or had some other motivation entirely. Until that picture becomes clearer, the total count of Instagram accounts hacked should be treated as a floor, not a ceiling. What’s clear is that handing AI systems operational control over account security — without bulletproof verification at every handoff — is a template for exactly this kind of failure. As AI assistants get deeper access to more sensitive systems across the industry, that lesson is one every platform should be studying right now.

Source: Hacker News

Frequently Asked Questions

How were Instagram accounts hacked through Meta’s AI chatbot?

A bug in a separate code path meant the chatbot failed to verify that the email address provided during a password reset request matched the account’s registered email. Attackers simply asked the chatbot to send a reset link to an email they controlled, and it complied — no sophisticated exploit required.

Who was affected by the Meta Instagram chatbot breach?

Meta notified at least 20,225 people whose accounts were compromised, including 30 residents of Maine. The company confirmed attackers could access profile information, contact details, dates of birth, direct messages, posts, and linked account activity.

Does two-factor authentication protect against this kind of attack?

Yes. Meta confirmed the chatbot vulnerability only affected accounts that did not have two-factor authentication enabled. Accounts with 2FA switched on were not susceptible to this particular password-reset exploit.

What has Meta done to fix the Instagram chatbot vulnerability?

Meta disabled the AI chatbot entirely and removed the code path that allowed it to initiate account password resets. The company says it is also reviewing other chatbots across its platforms to ensure no similar flaws exist elsewhere.

Muhammad Zayn Emad
Hi! I am Zayn 21-year-old boy immersed in the world of blogging, I blend creativity with digital savvy. Hailing from a diverse background, I bring fresh perspectives to every post. Whether crafting compelling narratives or diving deep into niche topics, I strive to engage and inspire readers, making every word count.