Meta’s AI-powered account recovery tool allowed unauthorized parties to hijack 20,225 Instagram accounts over approximately seven weeks, the company confirmed in a data breach notice filed with Maine’s Office of the Attorney General.
High Touch Support (HTS), an AI-assisted Instagram account recovery tool, contained a code path bug that failed to verify whether the email address submitted during a recovery request matched the one already linked to the targeted account. Attackers exploited this to redirect password reset links to addresses they controlled. Accounts without two-factor authentication (2FA) were vulnerable.
“Due to a bug in a separate code path, the system did not properly verify that the email address provided by the individual requesting a password reset matched the email address associated with that user’s Instagram account,” Amber Hannah, Meta’s associate general counsel for incident response legal, stated in the Maine filing.
The attack also required initiating the recovery session from an IP address matching the target account’s regional location, achievable using a VPN. Exploit instructions circulated on Telegram starting May 31, triggering a wave of reported hijackings. TechCrunch reported that account takeovers continued even after Meta said the issue had been resolved.
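To make the described defect concrete, here is an added Python example (not Meta's or Instagram's code) of a password-reset request handler with the missing check beside a hardened version. The `Account` structure, function names and sample addresses are assumptions constructed for illustration; the hardened path compares the submitted address with the one already linked to the account, only ever delivers the link to the stored address, and requires the second factor at redemption for 2FA-enrolled accounts.

```python
"""Added example (not Meta's code): a minimal password-reset request flow
showing the class of bug described in the filing, beside a hardened version.
All names, data structures and sample accounts are constructed assumptions."""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class Account:
    username: str
    email: str                       # the address already linked to the account
    has_2fa: bool = False
    # token -> email address the reset link was delivered to (constructed model)
    reset_tokens: Dict[str, str] = field(default_factory=dict)


def normalize_email(addr: str) -> str:
    """Trim and case-fold so 'Alice@Example.com ' compares equal to 'alice@example.com'."""
    return addr.strip().lower()


def vulnerable_request_reset(account: Account, submitted_email: str) -> str:
    """BUGGY: issues a reset token and delivers it to whatever address the
    requester supplied. The submitted address is never compared with
    account.email, so anyone who knows the username can steer the link to an
    inbox they control."""
    token = secrets.token_urlsafe(32)
    account.reset_tokens[token] = normalize_email(submitted_email)
    return token


def hardened_request_reset(account: Account, submitted_email: str) -> Optional[str]:
    """FIXED: verify the submitted address against the stored one before any
    token exists, and deliver only to the stored address."""
    if not hmac.compare_digest(normalize_email(submitted_email).encode(),
                               normalize_email(account.email).encode()):
        # Mismatch: give the same non-answer as for an unknown account so the
        # endpoint does not reveal which address is linked.
        return None
    token = secrets.token_urlsafe(32)
    account.reset_tokens[token] = normalize_email(account.email)
    return token


def redeem_reset_token(account: Account, token: str, second_factor_ok: bool) -> bool:
    """Complete the reset. For 2FA-enrolled accounts the second factor is still
    required, which is why such accounts were not exposed by the email bug."""
    if token not in account.reset_tokens:
        return False
    if account.has_2fa and not second_factor_ok:
        return False
    del account.reset_tokens[token]   # single use
    return True


def link_delivered_to_owner(account: Account, token: str) -> bool:
    """Check used below: did the reset link go to the address on file?"""
    return account.reset_tokens.get(token) == normalize_email(account.email)


if __name__ == "__main__":
    victim = Account("victim", "owner@example.com")
    t = vulnerable_request_reset(victim, "attacker@example.net")
    print("vulnerable path delivered to owner:", link_delivered_to_owner(victim, t))
    print("hardened path with wrong email:", hardened_request_reset(victim, "attacker@example.net"))
    t2 = hardened_request_reset(victim, "Owner@Example.com")
    print("hardened path delivered to owner:", link_delivered_to_owner(victim, t2))
```

The detection side follows from the same comparison: a recovery endpoint that logs the submitted address next to the stored one makes a burst of mismatched requests against many usernames stand out, whereas the buggy path leaves nothing to distinguish a hijack attempt from a legitimate reset.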
Among the compromised accounts were the Obama-era White House, beauty retailer Sephora, and U.S. Space Force Chief Master Sergeant John Bentivegna. Pro-Iranian actors defaced several seized accounts with political imagery. Stolen accounts were subsequently listed for sale on dark web markets.
Meta disabled HTS, invalidated all associated password reset links, and enrolled affected accounts in a mandatory security checkpoint. In a statement to PCMag, the company said the breach “wasn’t due to the AI agent itself.”
Hannah said Meta intends to restore HTS only after fixing authentication to ensure “proper verification of email addresses against existing account information before any password reset is initiated.”