BotBeat
...
← Back

> ▌

MetaMeta
UPDATEMeta2026-06-03

Meta Resolves AI Chatbot Security Flaw That Exposed High-Profile and Regular User Accounts

Key Takeaways

  • ▸Hackers exploited Meta's AI chatbot to bypass two-factor authentication and reset account passwords
  • ▸High-profile targets included Barack Obama's White House account, Sephora, and U.S. Space Force leadership
  • ▸The exploit leveraged the chatbot's legitimate account management functions to facilitate unauthorized access
Source:
Hacker Newshttps://globalnews.ca/news/11886958/meta-hack-ai-chatbot-accounts-hijacked/↗

Summary

Meta has patched a critical security vulnerability in its AI chatbot that allowed hackers to hijack user accounts by exploiting the assistant's account management capabilities. According to 404 Media and The Guardian, attackers targeted high-profile accounts including Barack Obama's White House email, beauty retailer Sephora, and U.S. Space Force Chief Master Sergeant John Bentivegna. Regular users also reported similar takeovers, with some posting video evidence of the exploit.

The vulnerability allowed hackers to trick Meta's AI assistant into initiating account password reset flows. By asking the chatbot to link a new email address to a target account, the bot would send a verification code to the attacker's email rather than the legitimate account holder, effectively bypassing two-factor authentication. Once the hacker supplied the verification code in the chat, they gained access to password reset functionality, granting full account control.

"This issue has been resolved and we are securing impacted accounts," Meta said in a statement. The patch comes amid Meta's operational shift toward AI-driven customer support and content moderation, with the company deploying its chatbot for password resets, account management, and reporting abuse across Facebook and Instagram.

  • Meta has patched the vulnerability and is securing impacted accounts
  • The incident highlights security risks as Meta increasingly relies on AI for customer support and account management
AI AgentsCybersecurityPrivacy & Data

More from Meta

MetaMeta
POLICY & REGULATION

US Judge Won't Block Meta from Laying Off Workers Who Filed AI Discrimination Suit

2026-07-18
MetaMeta
POLICY & REGULATION

Meta Faces Lawsuit Over Allegations of AI-Driven Discrimination in Layoffs

2026-07-17
MetaMeta
RESEARCH

Researcher Demonstrates Easy Backdoor Installation in Open-Weight AI Models

2026-07-17

Comments

Suggested

BarracudaBarracuda
RESEARCH

AI Email Filters Vulnerable to Text Salting Attacks, Barracuda Reports

2026-07-18
Google / AlphabetGoogle / Alphabet
UPDATE

Google Fixing Critical Android Lock Screen Bug Allowing Gemini to Send SMS Without PIN

2026-07-18
RobloxRoblox
PRODUCT LAUNCH

Roblox Launches Build: AI-Powered Mobile Game Creation Tool

2026-07-18
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us