{"id":267057,"date":"2026-06-08T02:00:00","date_gmt":"2026-06-08T06:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/08\/over-20000-instagram-accounts-stolen-in-meta-ai-support-hack\/"},"modified":"2026-06-08T03:45:20","modified_gmt":"2026-06-08T07:45:20","slug":"over-20000-instagram-accounts-stolen-in-meta-ai-support-hack","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/08\/over-20000-instagram-accounts-stolen-in-meta-ai-support-hack\/","title":{"rendered":"Over 20,000 Instagram accounts stolen in Meta AI support hack"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/meta-ai-support-data-breach-affects-20-000-instagram-accounts\/\">Over 20,000 Instagram accounts stolen in Meta AI support hack<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/meta-ai-support-data-breach-affects-20-000-instagram-accounts\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/meta-ai-support-data-breach-affects-20-000-instagram-accounts\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-08 02:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent incident where attackers\u00a0used Meta&#8217;s AI-powered support system to reset passwords.<\/p>\n<p>As BleepingComputer reported one week ago, the threat actors exploited a flaw in the company&#8217;s High Touch Support (HTS) tool,\u00a0an AI-assisted support system that\u00a0helps users regain access after being\u00a0locked out of their Instagram\u00a0accounts.<\/p>\n<p>By exploiting the fact that HTS didn&#8217;t verify whether email addresses were associated with the targeted Instagram accounts, they obtained password reset links that allowed them to log in and hijack accounts without\u00a0two-factor authentication (2FA) enabled.<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/state-of-ai-report-970.jpg\" alt=\"image\" style=\"margin-top: 0px;\"\/><\/p>\n<p>After a wave of user reports regarding these attacks hit social media platforms,\u00a0Andy Stone, Meta&#8217;s\u00a0vice president of communications,\u00a0replied\u00a0to one of the affected users, stating that the &#8220;issue has been resolved, and we are securing impacted accounts.&#8221;<\/p>\n<p>BleepingComputer has also contacted Meta last week for comment on this security breach, but we have yet to hear back.<\/p>\n<p>&#8220;We are writing to inform you that a vulnerability in an Instagram account recovery support tool\u00a0was used to potentially compromise the Instagram accounts of 30 users in your jurisdiction. All\u00a0accounts have been secured to prevent any continued unauthorized access,&#8221; Meta said in a data breach letter\u00a0recently\u00a0filed with Maine&#8217;s Office of the Attorney General.<\/p>\n<p>&#8220;On May 31, 2026, Meta discovered that there was a vulnerability in an AI-assisted account\u00a0recovery system for Instagram (&#8216;High Touch Support&#8217;\u00a0or &#8216;HTS&#8217;) that was exploited by\u00a0unauthorized third parties to perform password resets on Instagram user accounts,&#8221; Meta explained.<\/p>\n<p>While Meta didn&#8217;t specify when the attacks began in the breach letter, the filing on Maine&#8217;s OAG website says the breach occurred on April 17, which is likely the date of the first attack exploiting the HTS flaw.<\/p>\n<p>Additonally, although the company said\u00a0it has no&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/meta-ai-support-data-breach-affects-20-000-instagram-accounts\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over 20,000 Instagram accounts stolen in Meta AI support hack https:\/\/www.bleepingcomputer.com\/news\/security\/meta-ai-support-data-breach-affects-20-000-instagram-accounts\/ Publish Date: 2026-06-08 02:00:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":267058,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/06\/08\/Meta.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,27],"class_list":["post-267057","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267057"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=267057"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267057\/revisions"}],"predecessor-version":[{"id":267059,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267057\/revisions\/267059"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/267058"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=267057"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=267057"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=267057"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}