The breach, confirmed by Meta, has raised urgent questions about whether AI systems should be trusted with sensitive security tasks such as account recovery and password resets.

Hackers exploited Meta’s AI-powered support chatbot to infiltrate high-profile Instagram accounts, including the Obama-era White House account, in a breach that has intensified concerns over the use of artificial intelligence in critical security functions.
Meta confirmed the issue on Monday, saying the flaw had been resolved and that the company was securing affected accounts. But the incident has already become a cautionary case for the technology industry: an AI tool designed to make account recovery easier appears to have been manipulated into helping attackers take control of accounts it was supposed to protect.
The compromised accounts reportedly included the inactive @obamawhitehouse Instagram account, beauty retailer Sephora and the account of U.S. Space Force Chief Master Sergeant John Bentivegna. Users also reported similar hijackings across Reddit and X, suggesting the problem was not limited to a single high-profile target.
According to videos and screenshots circulated on Telegram and X, attackers were able to open a chat with Meta’s AI support assistant and persuade it to add a new email address to a target account. The chatbot then sent a verification code to the attacker-controlled email address. Once the hacker entered that code into the chat, the system presented an option to reset the account password.
In some cases, attackers reportedly used virtual private networks to make their location appear closer to that of the account owner, helping them bypass automated safeguards. Security researchers said the method was alarming not because it required advanced malware, but because it appeared to rely on social manipulation of an AI support flow.
The Obama-era White House account, which had been inactive for years, reportedly began posting Iranian propaganda before Meta secured the page and removed the content. The breach drew attention not only because of the account’s symbolic value, but because it showed how dormant or lightly monitored accounts can still become powerful vehicles for disinformation when compromised.
The incident comes as Meta has aggressively expanded its use of AI across Facebook, Instagram and other platforms. Earlier this year, the company promoted AI support assistants as a way to help users resolve problems faster, including account recovery and password-related issues. That promise is now under scrutiny.
Cybersecurity experts have long warned that AI tools should not be given authority over sensitive account controls without strict limits, audit trails and human escalation paths. A chatbot that can modify emails, trigger recovery codes or reset passwords is not merely a customer-service feature; it becomes part of the security perimeter.
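The limits described above can be enforced outside the model, so that no phrasing of a request changes the outcome. The sketch below is an added example, not Meta's code: the action names, the 72-hour cooldown, the `high_risk` flag and all sample accounts are assumptions. It accepts a verification code as proof only when it was sent to a contact already established on the account, logs every decision, and routes high-risk accounts to a human.

```python
from dataclasses import dataclass
from typing import Optional

SENSITIVE = {"add_email", "reset_password"}  # actions that can change who controls an account
COOLDOWN_S = 72 * 3600                       # assumed hold before a new address counts as proof

@dataclass
class Account:
    handle: str
    contacts: dict            # address -> unix time it was verified on the account
    high_risk: bool = False   # assumed flag: high-profile or dormant account

@dataclass
class ToolCall:
    action: str
    proved_via: Optional[str]  # address that received the code the requester typed back
    now: float

def authorize(acct: Account, call: ToolCall, audit: list) -> str:
    """Decide 'allow', 'deny' or 'escalate' for a tool call the assistant proposes."""
    if call.action not in SENSITIVE:
        decision, why = "allow", "non-sensitive action"
    else:
        verified_at = acct.contacts.get(call.proved_via)
        if verified_at is None:
            decision, why = "deny", "code was not sent to a contact already on the account"
        elif call.now - verified_at < COOLDOWN_S:
            decision, why = "deny", "contact was added too recently to count as proof"
        elif acct.high_risk:
            decision, why = "escalate", "human review required for this account"
        else:
            decision, why = "allow", "requester proved control of an established contact"
    # Every decision is recorded, including the ones that were allowed.
    audit.append({"handle": acct.handle, "action": call.action,
                  "via": call.proved_via, "decision": decision, "why": why})
    return decision

def demo():
    """Constructed sessions: an unknown address, the owner, and a high-risk account."""
    now, audit = 1_000_000_000.0, []
    user = Account("example_user", {"owner@example.com": now - 400 * 86400})
    vip = Account("example_vip", {"press@example.com": now - 900 * 86400}, high_risk=True)
    results = [
        authorize(user, ToolCall("add_email", "new@example.net", now), audit),
        authorize(user, ToolCall("add_email", "owner@example.com", now), audit),
        authorize(vip, ToolCall("reset_password", "press@example.com", now), audit),
    ]
    return results, audit

if __name__ == "__main__":
    print(demo())
```

The assistant only proposes a `ToolCall`; the account change itself runs only when `authorize` returns `allow`.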
The breach also exposes a broader challenge for companies racing to automate support. Human support teams are expensive and often slow, but they can apply judgment when a request appears suspicious. AI systems, by contrast, may follow instructions too literally or fail to distinguish between a legitimate account owner and an attacker who knows how to phrase a request convincingly.
Meta has not publicly disclosed how many accounts were affected or whether all compromised accounts lacked multi-factor authentication. Some reports suggested the exploit was most effective against accounts without strong additional protections, although concerns remain about whether AI-driven recovery systems could weaken even well-secured accounts if implemented poorly.
For users, the lesson is direct: account recovery is now a major attack surface. Strong passwords and two-factor authentication remain important, but they are not enough if platform-level support systems can be manipulated into overriding normal protections.
For Meta, the damage is reputational as well as technical. The company has positioned AI as central to its future, investing heavily in infrastructure, assistants and automated tools. But the Instagram hijackings demonstrate that speed and convenience can become liabilities when AI is allowed to handle high-risk actions without sufficient safeguards.
The breach may now prompt wider scrutiny from regulators, privacy advocates and security professionals over how AI support systems are tested before deployment. Questions are likely to focus on whether Meta conducted adequate adversarial testing, whether human review should be required for account changes, and whether users were given enough warning that AI tools could intervene in security-sensitive processes.
The immediate vulnerability may have been patched, but the deeper issue remains unresolved. As technology companies hand more authority to AI systems, they must decide which tasks should be automated — and which should remain too sensitive to entrust to a chatbot.




