Meta Discloses 20K Instagram Accounts Hijacked via AI Support Tool
Meta notified authorities that approximately 20,000 Instagram accounts were compromised after attackers exploited a vulnerability in its AI-powered High Touch Support (HTS) tool. The flaw allowed unauthorized password resets without proper email verification, enabling account takeovers especially on accounts without 2FA. Meta disabled the tool, implemented security checkpoints, and plans to notify affected users.
- account-access
- password-reset
- profile-info
- dms
- posts
Attackers exploited a vulnerability in Meta's AI-powered High Touch Support tool to hijack approximately 20,000 Instagram accounts, gaining access to passwords, direct messages, posts, and profile information.
Public reporting from BleepingComputer and SecurityWeek indicates that the flaw allowed unauthorized password resets without proper email verification. The breach primarily affected accounts that lacked two-factor authentication. Meta has since disabled the High Touch Support tool, added new security checkpoints, and notified law enforcement. The company plans to reach out directly to those whose accounts were compromised.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →