**
In a startling breach of security, hackers have successfully exploited Meta’s AI support chatbot to gain unauthorised access to several notable Instagram accounts, including the official White House account from Barack Obama’s presidency. The incident, confirmed by Meta, has ignited concerns about the safety and reliability of AI in managing critical security functions, especially when it comes to password protection.
A Flaw in the System
The breach came to light on Monday after researchers highlighted the vulnerabilities within Meta’s AI chatbot system. The culprits targeted a range of high-profile accounts, from the former President’s Instagram profile to the official page of Sephora, and even the chief master sergeant of the U.S. Space Force. Reports indicate that everyday users were also victims of similar account hijackings, with many taking to platforms like Reddit and X to share their experiences over the weekend.
Security experts and hackers alike circulated videos and screenshots on Telegram, illustrating how the account thefts were carried out. One particular video showcased a hacker instructing Meta’s AI assistant to link a target account to a new email address. The AI bot, seemingly oblivious to the deception, confirmed that a verification code had been dispatched to the new email and requested the hacker to input the code in the chat. Once the correct number was provided, the hacker was granted access to reset the password of the targeted account.
In a particularly clever move, at least one hacker employed a virtual private network (VPN) to mask their location, thereby circumventing Meta’s security measures.
Meta’s Response
In light of the breach, Meta released a statement assuring users that the problem had been resolved and that they were in the process of securing the affected accounts. However, the exact number of compromised accounts remains uncertain, leaving many users anxious about the integrity of their own profiles.
The incident has raised pressing questions regarding the reliance on AI for safeguarding sensitive information, particularly when it comes to password management. Reports also indicated that some stolen account handles were being listed for sale on Telegram, further compounding the issue.
The Impact of AI on Security
The incident comes at a time when Meta is heavily investing in AI technologies. Earlier this year, the company rolled out its AI support assistant across Facebook and Instagram, with promises of enhanced user support for a variety of actions, including password resets and reporting problematic accounts. Mark Zuckerberg has committed a staggering $145 billion (£108 billion) to bolster AI infrastructure, signalling a major shift in how the company operates.
However, the aspirations of AI “super-intelligence”—machines that surpass human cognitive capabilities—raise ethical concerns. Zuckerberg has even suggested that AI could serve as a substitute for human therapists, a notion that has drawn criticism from mental health professionals who worry about the appropriateness of AI recommendations.
Why it Matters
This breach serves as a wake-up call about the vulnerabilities that lurk behind the convenience of AI-driven solutions. With major companies like Meta relying on AI for critical security functions, it’s imperative to scrutinise the robustness of these systems. As technology continues to advance, users must remain vigilant and informed about potential risks, ensuring that their digital lives are safeguarded against unscrupulous actors. This incident not only highlights the need for enhanced security measures but also raises broader questions about the ethical implications of AI in our daily lives.
