Hackers trick Meta's AI support agent into sending password reset codes for high-value Instagram accounts

Meta's AI support chatbot was tricked into sending password reset codes without verifying identity, exposing high-value Instagram accounts. Meta has since patched the flaw.

Published on: Jun 02, 2026
Meta's AI Support Agent Bypassed Security to Hand Over Account Access

Cybercriminals tricked Meta's AI customer support chatbot into sending password reset codes without verifying the user's identity. The attack targeted premium Instagram handles worth over $1 million combined, which attackers then listed for sale on Telegram.

Researchers ZachXBT and Dark Web Informer tracked specific accounts being offered, including @hey and @jowo. The attackers exploited the AI system's process for handling account recovery requests, a task typically handled by humans in customer support teams.

Why This Matters for Support Teams

This incident exposes a core vulnerability in delegating sensitive operations to AI customer support systems. Unlike standard customer inquiries, password resets and account recovery require human judgment and verification protocols that AI agents may not enforce consistently.

The attack bypassed platform defenses rather than targeting individual user security practices. Even if customers use multi-factor authentication, a compromised account recovery process can render those protections irrelevant.

What Meta Did

Meta patched the vulnerability and said no systems were breached. The company confirmed user accounts remain secure following the fix.

The Broader Issue

Support teams increasingly use generative AI and LLM chatbots to handle routine requests and reduce workload. This case shows the risks when those systems handle tasks requiring strict identity verification.

Organizations deploying AI for customer support need clear rules: certain requests (particularly those involving account access, password resets, or payment changes) should route to human agents who can verify identity through multiple channels before proceeding.
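
One way to enforce that routing rule in code rather than in the chatbot's prompt, shown as an added example that is not Meta's implementation or part of the original article. The tool names, `ApprovalStore` and `gate` are hypothetical; the assumption is that every action the agent requests passes through a deterministic check that ignores anything the model claims about verification.

```python
from dataclasses import dataclass

# Hypothetical tool names; the sensitive categories are the ones the article lists.
SENSITIVE = {"send_password_reset_code", "change_account_email", "change_payment_method"}
ROUTINE = {"lookup_help_article", "report_bug"}

@dataclass(frozen=True)
class ToolCall:
    action: str
    account: str
    claimed_verified: bool = False  # model-supplied field, deliberately ignored

class ApprovalStore:
    """Approvals written only by the human-agent console after identity checks."""
    def __init__(self):
        self._approved = set()

    def record_human_approval(self, account, action):
        self._approved.add((account, action))

    def consume(self, account, action):
        # One-time use: an approval covers a single execution.
        try:
            self._approved.remove((account, action))
            return True
        except KeyError:
            return False

def gate(call, approvals):
    """Return 'execute' or 'escalate'; runs outside the LLM on every tool call."""
    if call.action in ROUTINE:
        return "execute"
    if call.action in SENSITIVE and approvals.consume(call.account, call.action):
        return "execute"
    # Sensitive without approval, or an unknown action: default to a human.
    return "escalate"

def demo():
    approvals = ApprovalStore()
    # Constructed call: the model asserts the user is verified.
    reset = ToolCall("send_password_reset_code", "acct_A", claimed_verified=True)
    results = [gate(reset, approvals)]            # no human approval yet
    approvals.record_human_approval("acct_A", "send_password_reset_code")
    results.append(gate(reset, approvals))        # approved once
    results.append(gate(reset, approvals))        # approval already consumed
    results.append(gate(ToolCall("lookup_help_article", "acct_A"), approvals))
    results.append(gate(ToolCall("export_all_data", "acct_A"), approvals))
    return results

if __name__ == "__main__":
    print(demo())
```

Because the gate never reads `claimed_verified`, no conversation content can change the outcome for a sensitive action; only a record written from the human-agent side can.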

