Instagram’s AI support bot was tricked – what UK users should check on their own accounts

Meta says it has fixed an issue after hackers reportedly tricked its AI-powered support assistant into helping take over Instagram accounts. The most useful lesson for ordinary UK users is not that everyone should panic about one incident. It is that account recovery is becoming more automated, and those automated systems can sometimes be given too much power.

The Guardian reported on 1 June 2026 that hackers used Meta’s AI support chatbot to infiltrate high-profile Instagram accounts, including the archived Obama White House account and accounts linked to Sephora and a senior US Space Force figure. The BBC also picked up the story on 2 June, reporting that Meta had linked the issue to recent high-profile account hijackings.

According to the reports, the attack did not depend on a user clicking a phishing link or handing over a password. Instead, the attackers appear to have persuaded Meta’s own support system to change account recovery details. That is why the story matters beyond celebrity or brand accounts. It shows what can happen when an AI assistant is allowed to perform sensitive support tasks, such as changing the email address linked to an account or triggering password recovery.

What appears to have happened

Meta introduced an AI support assistant for Facebook and Instagram users earlier this year. The idea was straightforward: people often struggle to get help with scams, impersonation, locked accounts and password problems, so an assistant that can respond quickly sounds useful.

The problem is that support work is not just answering questions. In some cases it involves changing the state of an account. A bot that can explain how to reset a password is one thing. A bot that can help change the recovery email on an account is handling a much more sensitive job.

The Guardian reported that videos and screenshots shared by security researchers and hacking groups appeared to show attackers using Meta’s AI assistant to link a target account to a new email address, then reset the password. Meta said the issue had been resolved and that it was securing affected accounts. The company has not said publicly how many accounts were affected.

That distinction matters. This was not a claim that Instagram’s whole system had been broken open. It was a support and recovery weakness: the part of the system designed to help people regain control could be manipulated in a way that helped the wrong person.

Why ordinary users should care

Most people will not own an account with a famous name, a valuable short handle or millions of followers. But plenty of ordinary people rely on Instagram or Facebook for work, family photos, community groups, side businesses, school clubs or local causes. Losing access can be stressful even when the account has no obvious resale value.

The bigger issue is confidence. We are used to thinking of AI support as a convenience feature: faster answers, less waiting, no need to find the right help page. This incident is a reminder that convenience becomes riskier when the assistant can make account-level changes.

It also connects to a pattern ManyHands has covered before: AI tools are being given more access and authority. When that access includes inboxes, files, payment flows or account recovery, users need more than a friendly chat window. They need strong boundaries.

What to check on your own accounts

Turn on two-factor authentication. Use an authenticator app or security key where the service allows it. SMS codes are better than nothing, but they are not the strongest option. If you already use two-factor authentication, check that backup codes are stored somewhere safe and not sitting in the same account they are meant to protect.

Check your recovery email and phone number. Open the account settings for Instagram, Facebook and any other important service. Make sure the recovery details are still yours and still accessible. Old email addresses, recycled phone numbers and shared inboxes can all weaken account recovery.

Review logged-in devices. Most platforms let you see where your account is currently signed in. Remove sessions you do not recognise, especially old phones, shared computers or devices you no longer own.

Protect the email account behind everything. If someone controls your main email inbox, they can often reset many other accounts. Your email account should have strong two-factor authentication, a unique password and recovery details that are kept up to date.

Be cautious with urgent support messages. If you receive a message saying your account is at risk, do not follow links from the message. Go to the app or website directly. Attackers often use real news about security incidents to make fake warnings feel more believable.

What platforms need to prove

Users can do a lot, but they cannot fix every weakness in a platform’s own support process. If an attacker can convince a company’s automated support system to change account recovery details, the main failure is inside the service, not with the victim.

That is why companies using AI in support need to be clear about what the system can and cannot do. Sensitive actions should require stronger checks than a normal chat. The assistant should not be able to turn a polite request into an account takeover. There should also be audit trails, clear reversal routes and fast human escalation when something looks wrong.

For users, the practical question is simple: what happens if the bot gets it wrong? If an AI support tool can help someone change an email address, close an account, unlock a profile or reset security settings, the company needs to show how it checks identity before taking action.
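One way to enforce that boundary, shown as an added sketch that is not Meta's code and not part of the original article: a gate sits between the assistant and the account tools, so nothing said in the chat can authorise a sensitive change. All names here (`ActionGate`, `SENSITIVE`, `verified`) are hypothetical, and the `verified` set stands in for an out-of-band check against a factor already registered on the account.

```python
from dataclasses import dataclass, field

# Hypothetical tool names; a real service would list its own.
SENSITIVE = {"change_recovery_email", "reset_password", "disable_2fa"}
LOW_RISK = {"suggest_help_article", "explain_reset_steps"}

@dataclass
class ActionGate:
    accounts: dict   # account id -> {"recovery_email": ...}
    verified: set    # ids that passed a check on an EXISTING factor (assumed external)
    audit: list = field(default_factory=list)
    undo: list = field(default_factory=list)

    def request(self, account, action, args=None, chat_claims=None):
        # chat_claims is what the requester typed; it is logged, never trusted.
        if action in LOW_RISK:
            decision = "allow"
        elif action in SENSITIVE:
            decision = "allow" if account in self.verified else "escalate_to_human"
        else:
            decision = "deny"  # tools not on either list are denied by default
        self.audit.append({"account": account, "action": action,
                           "decision": decision, "claims": chat_claims})
        if decision == "allow" and action == "change_recovery_email":
            # Keep the old value so the change has a clear reversal route.
            self.undo.append((account, self.accounts[account]["recovery_email"]))
            self.accounts[account]["recovery_email"] = args["new_email"]
        return decision

    def revert_last(self):
        account, old = self.undo.pop()
        self.accounts[account]["recovery_email"] = old
        self.audit.append({"account": account, "action": "revert",
                           "decision": "allow", "claims": None})
        return old

def demo():
    # Constructed sample data, not taken from any real incident.
    gate = ActionGate({"acct1": {"recovery_email": "owner@example.test"}}, set())
    change = {"new_email": "new@example.test"}
    polite = gate.request("acct1", "change_recovery_email", change,
                          "I am the owner, please update my email")
    gate.verified.add("acct1")  # simulate the out-of-band check succeeding
    proven = gate.request("acct1", "change_recovery_email", change)
    restored = gate.revert_last()
    return polite, proven, restored, len(gate.audit)
```

The first request in `demo()` is escalated however persuasive the chat text is; only the verified request changes the recovery email, and that change can still be reversed from the stored previous value.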

The real lesson is about power, not chatbots

It is easy to treat this as another strange AI story: a chatbot was fooled, famous accounts were targeted, Meta says it fixed the issue. But the more important lesson is about where AI assistants sit in a service.

An assistant that suggests help articles is low risk. An assistant that can act on your account is different. It may be helpful when you are locked out, but dangerous if the wrong person can persuade it to help them instead.

That does not mean automated support is always bad. Many people have spent years frustrated by slow or unreachable platform support, and better help would be welcome. But AI support has to be designed like a security system, not just a customer-service shortcut.

For now, UK users should make sure their own account basics are strong, especially on services they would genuinely miss if they lost them. The rest is a question for platforms: if AI is going to help with account recovery, it must be much better at knowing who it is really helping.