Meta Instagram Accounts Hijacked, Revealing New AI Cybersecurity Risks
Translated from Chinese, summarized and contextualized by DistantNews.
At a glance
- Meta experienced an Instagram account hijacking incident, highlighting new cybersecurity risks associated with AI in high-privilege roles.
- Attackers exploited weaknesses in Meta's AI customer support process, rather than breaching any system, to gain control of high-profile accounts.
- The incident underscores the need for robust identity verification and risk assessment when AI systems handle sensitive operations like account recovery.
A recent Instagram account hijacking incident involving Meta has exposed novel cybersecurity risks stemming from artificial intelligence being granted high-level permissions. The breaches targeted high-profile accounts, including the former official White House account, beauty brand Sephora, and U.S. Space Force personnel.
This incident did not involve a breached backend, leaked data or compromised servers; it occurred during the account recovery process, where attackers exploited loopholes in the AI customer service verification mechanism to gain control of the accounts.
Unlike typical hacking scenarios involving system intrusions or data leaks, this incident occurred during the account recovery process. Attackers reportedly used VPNs to mask their location and then interacted with Meta's AI customer support, claiming they could not access their accounts. The AI system, failing to adequately verify the requester's identity, granted the request to change the account's associated email address.
The biggest problem in this incident is not the system being breached, but the lack of sufficiently rigorous identity verification mechanisms when AI performs high-privilege operations.
Once the email was changed, the hackers could reset the password and seize control of the account, effectively locking out the legitimate owner. This method is described as "tricking AI" rather than "hacking Instagram," akin to a person deceiving a bank teller into changing the lock on a safe deposit box without proper identification.
In the future, when companies introduce AI customer service or AI Agents, they should not only pursue efficiency and automation but also establish multi-factor authentication, risk assessment, and human review mechanisms to prevent AI from performing sensitive operations alone.
Meta has been increasingly integrating AI into its customer service operations to improve efficiency and reduce the burden on human agents. However, this event reveals a new attack vector where adversaries study AI's decision-making logic and conversational flows to manipulate systems into performing unauthorized actions. Security experts emphasize that the core issue is not a system breach but the AI's insufficient identity verification mechanisms for high-privilege operations. They advise companies to implement multi-factor authentication, risk assessments, and human oversight for AI handling sensitive tasks, and to consider proactive defense measures like deception technology.
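The recommendation above (multi-factor authentication, risk assessment and human review before an AI agent performs a sensitive operation alone) can be expressed as a policy gate that sits between the AI support agent and the account-recovery backend. The following is an added illustration, not Meta's code; the request fields, scoring weights and threshold are assumptions chosen for the example, and the case where the requester claims to have lost access to the second factor (the situation the hijackers relied on) is routed to a human rather than resolved by the AI.

```python
from dataclasses import dataclass
from enum import Enum

# Added example (not Meta's code): a policy gate between an AI support agent
# and the account-recovery backend. Field names, weights and threshold are
# assumptions chosen for illustration.

class Decision(Enum):
    ALLOW = "allow"                 # AI may complete the action itself
    STEP_UP = "step_up_mfa"         # challenge a second factor first
    HUMAN_REVIEW = "human_review"   # hand off to a human agent

# Actions that change who controls the account or how it is recovered.
HIGH_PRIVILEGE_ACTIONS = {"change_email", "change_phone", "reset_password", "disable_mfa"}

@dataclass(frozen=True)
class RecoveryRequest:
    action: str
    mfa_passed: bool              # requester completed a second factor this session
    mfa_available: bool           # account still has a usable second factor on file
    via_vpn_or_proxy: bool        # session IP is a known VPN or proxy exit
    device_known: bool            # device fingerprint seen on this account before
    geo_matches_history: bool     # session country matches the account's usual one
    recent_recovery_attempts: int # recovery requests in the last few days
    high_profile: bool            # verified, brand, government or large-audience account

def risk_score(req: RecoveryRequest) -> int:
    """Sum of weighted risk signals; higher means less trustworthy."""
    score = 0
    score += 30 if req.via_vpn_or_proxy else 0
    score += 25 if not req.device_known else 0
    score += 20 if not req.geo_matches_history else 0
    score += 15 if req.recent_recovery_attempts >= 3 else 0
    return score

REVIEW_THRESHOLD = 40  # assumed cut-off above which a human must approve

def gate(req: RecoveryRequest) -> Decision:
    """Decide whether the AI agent may perform the requested action on its own."""
    if req.action not in HIGH_PRIVILEGE_ACTIONS:
        return Decision.ALLOW  # low-risk requests stay fully automated
    if not req.mfa_passed:
        # A conversational claim of ownership is never enough for these actions:
        # challenge the second factor, or escalate if the requester says it is lost.
        return Decision.STEP_UP if req.mfa_available else Decision.HUMAN_REVIEW
    if req.high_profile or risk_score(req) >= REVIEW_THRESHOLD:
        return Decision.HUMAN_REVIEW  # four-eyes rule for risky sessions and sensitive accounts
    return Decision.ALLOW
```

The gate is deliberately conservative for high-profile accounts: even a request that passes MFA from a clean session still goes to a human when the account is a brand, government or large-audience one.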
In the past, hackers tried to break through systems; now they are starting to study how to deceive AI. In the future, companies, in addition to protecting the system itself, need to ensure that AI does not become a new entry point for attackers into the organization.
Originally published by Liberty Times in Chinese. Translated, summarized, and contextualized by our editorial team with added local perspective.