Hackers exploited a Meta AI customer service vulnerability to steal the IG accounts of Obama and the White House IG account

Obama's IG account stolen

According to a June 1 report by 404 Media, Meta has confirmed that hackers exploited a security vulnerability in its AI customer service chatbot to take over multiple well-known Instagram accounts. Affected accounts include the official Instagram account from former U.S. President Obama’s White House period, the well-known cosmetics brand Sephora, and the official account of the U.S. Space Force’s Chief Master Sergeant.

Complete Attack Chain: How the AI Customer Service Was Bypassed

Citing a video shared on Telegram by the hacking community and security researchers, 404 Media reports that the attack process has been confirmed:

Location spoofing: The attackers used a VPN to make their network location appear to be in the same country or region as the target account.

Send a request: Send a message to the Meta AI customer service chatbot, asking it to link the target account to a new email address provided by the attacker.

Receive the verification code: The Meta AI customer service chatbot sends an 8-digit verification code to the new mailbox provided by the attacker.

Complete the takeover: The attacker enters the verification code in the chat interface, obtains password reset privileges, and fully takes control of the target IG account.

Meta’s official explanation states that when an account email is changed, the system should notify the original mailbox with a message containing a special recovery link, but the vulnerability in the Meta AI customer service chatbot caused this mechanism to fail to trigger properly.

Meta’s Official Response: Vulnerability Fixed, Number of Affected Accounts Not Yet Disclosed

Meta has confirmed that the security incident took place, that the vulnerability has been fixed, and that it is helping affected accounts strengthen their protections. The total number of affected accounts had not been disclosed as of the time of the report.

The Meta AI customer service assistant launched in early 2026, with the claim that it can help users handle key requests such as resetting passwords and account security recovery. The attack came just months after it went live.

Layoff Background: 8,000 Jobs Cut Announced on May 20, 2026

On May 20, 2026, Mark Zuckerberg sent a layoff notice to employees worldwide, cutting approximately 8,000 employees (10% of total headcount). The goal was to reduce operating costs to support projected AI capital expenditures of up to $12.5 billion to $14.5 billion, and to push for flatter management.

According to a report by Wired, Meta posted a record profit of nearly $27 billion in the first quarter of 2026, but employee morale inside the company sank to a low point. After the account attacks were confirmed, Jane Manchun Wong publicly said, “Congratulations to Meta for laying off the Trust and Safety (T&S) team and handing account support services to easily deceived AI robots for automated handling.” Meta did not comment officially on the scale of the T&S layoffs or their impact on security capabilities.

FAQ

What is the core issue with the Meta AI customer service chatbot vulnerability?

According to 404 Media’s report, when the Meta AI customer service chatbot receives a request to change an account email, it sends the verification code to a new mailbox provided by the attacker, without enforcing a security mechanism that would send a notification or a recovery link to the original mailbox. Under normal procedures, an email change should trigger a notification to the original mailbox, but the AI chatbot’s implementation bypassed this verification.
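The failure described here and in Meta’s explanation above can be reduced to one design rule: a code sent to a requester-supplied address proves control of that address only, and the notice to the original mailbox has to be issued by the same function that commits the change so that no caller, chatbot included, can skip it. The Python model below is an added example, not Meta’s code; every name and address in it is constructed, and sending the authorization code to the address already on file is an added defensive assumption that goes beyond what the report states.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Account:
    email: str
    pending: dict = field(default_factory=dict)  # code -> requested new email
    revert: dict = field(default_factory=dict)   # recovery token -> previous email

def weak_request(acct, new_email, outbox):
    """Flow as reported: the code goes to the address the requester supplied."""
    code = f"{secrets.randbelow(10**8):08d}"     # 8-digit code, as in the report
    acct.pending[code] = new_email
    outbox.append((new_email, "code", code))

def weak_confirm(acct, code, outbox):
    """Commits the change without telling the original mailbox anything."""
    acct.email = acct.pending.pop(code, acct.email)

def hardened_request(acct, new_email, outbox):
    """Code goes to the address on file, so it proves control of the account."""
    code = f"{secrets.randbelow(10**8):08d}"
    acct.pending[code] = new_email
    outbox.append((acct.email, "code", code))

def hardened_confirm(acct, code, outbox):
    """Commit and old-mailbox recovery notice happen in one step."""
    new_email = acct.pending.pop(code, None)
    if new_email is None:
        return None                              # unknown code: nothing changes
    token = secrets.token_urlsafe(16)
    acct.revert[token] = acct.email
    outbox.append((acct.email, "recovery_link", token))
    acct.email = new_email
    return token

def revert_change(acct, token):
    """What the recovery link does: restore the previous address."""
    acct.email = acct.revert.pop(token, acct.email)
    return acct.email

def requester_takes_over(request, confirm, requester="requester@example.test"):
    """Constructed scenario: the requester can read only their own mailbox."""
    acct, outbox = Account("owner@example.test"), []
    request(acct, requester, outbox)
    seen = [body for to, kind, body in outbox if to == requester and kind == "code"]
    if seen:
        confirm(acct, seen[0], outbox)
    return acct.email == requester, outbox
```

Running requester_takes_over against each pair of functions shows the difference: the weak pair lets the change through with an empty owner mailbox, while the hardened pair leaves the account untouched because the code never reaches the requester.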

Which well-known accounts have confirmed they were affected, and has Meta published the total number of affected accounts?

Confirmed affected high-profile accounts include the official Instagram account from former U.S. President Obama’s White House period, cosmetics brand Sephora, and the official account of the U.S. Space Force’s Chief Master Sergeant. Meta confirmed the incident was real, but as of the time of the report, it had not published the total number of affected accounts.

What direct connection is there between Meta’s layoff plan and this security incident?

Former Meta employee Jane Manchun Wong said publicly that after the T&S team was laid off, account support was handled by AI robots, and she pointed out that this was one of the background factors that enabled the attack to succeed. Meta has not provided official commentary on the specific scale of the T&S layoffs or their impact on overall security protection capabilities.
