Meta bug exposed 34,000 Instagram accounts via AI support tool

A flaw in a Meta customer service system let hackers use an AI-powered chatbot to reset Instagram passwords, leaving more than 34,000 accounts vulnerable. Internal Meta documents reviewed by The New York Times showed about 20,000 accounts were breached, exposing email addresses, phone numbers, birth dates and other personal data, while more than 3,500 accounts had their usernames taken over. The affected accounts included a former White House Instagram account from Barack Obama's presidency, SimpliSafe and a senior official in Donald Trump's Space Force department. Meta said it fixed the flaw after it was reported by 404 Media in June and is notifying regulators and affected users.