Meta AI Support Exploit Hijacks Obama White House Instagram Account

Instagram account takeovers are often associated with stolen passwords, phishing links, or compromised email accounts. The latest breach ran through Meta’s own support system.

Hackers used Meta’s AI support assistant to carry out a series of Instagram account takeovers, including one targeting the archived Obama White House account, according to reports. High-profile targets gave the breach a wider impact, but the risk sits in the account-recovery process itself.

A recovery feature became the route into the account.

How the reset flow was abused

The X walkthrough showed a takeover beginning in an unexpected place, inside a support chat. Instead of stealing the victim’s password, the attacker appeared to use a VPN near the target’s presumed location, then asked Meta’s AI Support Assistant to add a new email address to the Instagram account.

From there, the recovery flow did the rest. A verification code was sent to the attacker’s inbox, fed back into the chat, and the bot surfaced the option to reset the password.

The original email account never had to be compromised. TechCrunch verified that the public inbox shown in the video received the verification code, while KrebsOnSecurity reported that similar instructions had circulated on Telegram.

Meta later said the issue had been fixed. “This issue has been resolved and we are securing impacted accounts,” company spokesperson Andy Stone wrote on X. 

Big-name account takeovers exposed the scale of the risk

Aside from the archived Obama White House account, Sephora, and the US Space Force Chief Master Sgt. John Bentivegna was reportedly among the affected accounts. Security researcher Jane Manchun Wong also said her Instagram account was taken over after a series of password reset attempts.

Some hijacked accounts were briefly defaced with pro-Iranian images and messages. Other targets appeared to be valuable short Instagram handles, the kind often chased in account-theft markets because they can be resold for large sums.

Recognizable public accounts, security professionals, consumer brands, and prized usernames were all pulled into the same breach, showing how the recovery weakness could affect very different types of Instagram users.

AI support bots are becoming security targets 

Account controls such as recovery details, identity checks, and password reset flows make AI support tools attractive to attackers.

Ian Goldin, a threat researcher at Lumen’s Black Lotus Labs, told KrebsOnSecurity that large platforms are entering “unchartered security territory” as AI chatbots take on sensitive recovery requests. “AI chatbots create interesting new attack surface, and we’re likely going to see a lot more of these kinds of attacks,” Goldin said.

Human help desks have long been vulnerable to social engineering. AI support automates that problem, giving attackers a system they can probe until the recovery flow gives way.

Permiso researchers found a prompt-injection flaw that can make ChatGPT summaries display phishing links and QR codes.