Find notable cyber news and cases, enriched with sources, timelines, and signals.

Meta AI-powered support tools abused in Instagram account recovery flow

Security Tool/Service
First reported
Last updated
Happening score
H score 26
3 unique sources, 4 articles

Summary

Hide ▲

Instagram accounts were hijacked after attackers abused Meta’s AI-powered support tools to pass recovery checks and change the recovery email, creating a direct failure in automated identity verification. The abuse reportedly leveraged selfie verification and AI-generated video and could bypass 2FA, leaving victims stuck in AI-only support loops with no human escalation. Reported targets included a White House team account, Jane Manchun Wong, @hey, and @korn, and Meta said the issue had been resolved and impacted accounts were being secured.

Related Happenings

Anthony Belford spoofed-account harassment campaign against a Georgia college student

Campaign
H score35 First: 19.06.2026 11:44 Last: 19.06.2026 11:44 Sources 1

About this happening: The alleged spoofed-account harassment campaign against a Georgia college student has been tied to repeated use of fake social profiles and email to spread AI-generated...

Instagram account data exposed through Meta HTS recovery flaw

Data Leak
H score40 First: 08.06.2026 11:00 Last: 08.06.2026 11:00 Sources 1

How related: Among the data exposed by the security snafu were: Contact information (email address and/or phone number) Date of birth Social media posts and content (photos, videos, stories) Direct messages and communications

About this happening: Instagram account data was exposed after a flaw in Meta’s High Touch Support (HTS) recovery flow let unauthorized third parties receive password reset links for 20,225 a...

Instagram High Touch Support password reset security flaw

Vulnerability
H score40 First: 08.06.2026 09:00 Last: 08.06.2026 09:00 Sources 1

How related: The tool itself worked properly and functioned as intended; however due to a bug in a separate code path, the system did not properly verify that the email address provided by the individual requesting a password reset matched the email address associated with that user’s Instagram account,

About this happening: Meta's High Touch Support (HTS) flaw enabled attackers to trigger Instagram password resets, creating account-takeover risk for over 20,000 users and weakening protect...

Dashlane personal-plan users' encrypted vault exposure

Data Leak
H score26 First: 02.06.2026 06:55 Last: 02.06.2026 06:55 Sources 1

About this happening: On May 31, 2026, Dashlane disclosed that an external brute-force account attack led to encrypted vaults being downloaded for fewer than 20 personal-plan users, cre...

Instagram accounts for Obama White House hit by account takeover attack

Incident
H score40 First: 01.06.2026 20:32 Last: 01.06.2026 20:32 Sources 1

How related: Multiple Instagram users had their accounts hijacked after attackers convinced Meta’s AI-powered support tools that they were the legitimate owners.

About this happening: The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced after attackers abused Meta’s AI supp...

Timeline

  1. 02.06.2026 18:47 5 articles · 1mo ago

    Instagram account takeovers exploit Meta AI support tools

    Initial Disclosure

    Attackers abused Meta’s AI-powered support tools in Instagram account recovery to convince the system they were the legitimate owners, change the associated email address, and reset access, leaving multiple users locked out of rare or high-value accounts including one previously used by the Obama White House team, one belonging to app researcher Jane Manchun Wong, @hey, and @korn; Meta’s vice president of communications said the issue had been resolved and impacted accounts were being secured.

    Show sources