Loading article…
Meta is under fire after hackers exploited its AI support agent to compromise 20,000 accounts, raising new questions about platform security and privacy.
Recent reports indicate that hackers successfully compromised more than 20,000 Instagram accounts by manipulating Meta’s AI-powered support assistant [1]. The exploit allowed unauthorized users to trick the automated system into sending password reset emails to addresses controlled by the attackers, effectively bypassing account security [1].
Key takeaways
The account hijacking incident highlights a significant flaw in Meta’s reliance on automated AI support for sensitive account management tasks. By posing as legitimate account owners, hackers were able to convince the AI support agent to facilitate password resets [1]. While the breach was limited to accounts lacking two-factor authentication, the scale of the incident—affecting 20,000 accounts—has prompted urgent recommendations for users to bolster their security settings [1].
Beyond the immediate threat of account takeovers, Meta is facing backlash for its evolving data collection policies. The company recently announced plans to utilize activity data from third-party websites that incorporate Meta business services, such as Meta Pixel, to personalize feeds across Facebook and Instagram [1]. While this data-sharing practice is common among digital platforms, Meta’s application of this information for feed personalization has drawn scrutiny from privacy advocates [1]. Users can manually disable this tracking by navigating to the "Off-Meta Activity" section within their account settings [1].
The security concerns coincide with ongoing debates regarding Meta’s efforts to protect younger users. Although Meta has expanded its "Teen Accounts" globally, featuring filtered content and restricted direct messaging, critics argue these measures are insufficient [2]. The online safety company Bark recently challenged the validity of an internal audit Meta commissioned, describing the process as a "restaurant paying a critic to review itself" [2].
Furthermore, the effectiveness of these safety tools remains a point of contention. A recent study found that nearly 60% of teens within these restricted accounts still encountered unsafe content or unwanted messages [2]. Because the system relies on users accurately reporting their birthdates, safety advocates emphasize that parental monitoring remains a necessary layer of protection, as automated safeguards can be easily bypassed or may prove ineffective in practice [2].
Coverage is mostly measured — 7 of 7 reports stay neutral.
Every Monday — the token unlocks, Fed dates & catalysts set to move crypto and markets this week. So you’re never blindsided.
Free · 3-min read · one-click unsubscribe
AI-assisted synthesis by the TrendWatcher Editorial Desk · sourced from 2 outlets · Jun 11, 2026 · How we report
The AI assistant is currently in testing with event attendees, while the desktop version is described as 'coming soon'.
Yes, Edits is free to download on both iOS and Android devices.
The assistant will utilize a creator's Instagram data, including video views and retention insights, to suggest content ideas and trending audio.
The convergence of AI-driven security failures and persistent privacy concerns places Meta under intense pressure to demonstrate that its automated systems are both secure and transparent. As the company integrates more AI tools into its support and personalization infrastructure, the potential for large-scale vulnerabilities grows. For users, the situation underscores the importance of manual security measures, such as two-factor authentication, and the need for vigilance regarding how personal data is shared across the broader digital ecosystem [1, 2].
The Beta tab provides creators with early access to experimental features still in development and allows them to provide feedback to Meta.