Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts
Pricey Instagram handles were stolen and resold before Meta patched the exploit.
Pricey Instagram handles were stolen and resold before Meta patched the exploit. This report comes from Ars Technica. The story centres on Hackers du
Read Full Story at Ars Technica โWhy This Matters
The incident exposes a critical flaw in how social media platforms balance scalability with security, revealing that even AI-driven support systems can be weaponized against their own users. For celebrities and high-profile accountsโwhose handles often function as de facto trademarksโthe theft of usernames isnโt just an inconvenience but a business risk, turning digital identity into a commodity for resale. It also underscores how cybercriminals exploit automation gaps, turning Metaโs own tools against its ecosystem.
Background Context
Instagramโs username market has long operated in a legal gray area, where premium handles are treated like speculative assets, resold for thousands or even millions of dollars. Metaโs AI support chatbots, introduced to handle high-volume inquiries, were designed to streamline responses but lacked the nuanced verification protocols needed for high-stakes account recovery scenarios. The platformโs reliance on third-party brokers for handle transfers further complicates oversight, creating opportunities for fraud to masquerade as legitimate transactions.
What Happens Next
Metaโs patch may slow the exploit, but the broader lessonโespecially for platforms prioritizing AI efficiency over manual verificationโremains unresolved. Legal battles over stolen handles could set precedents for how social media companies are held accountable for user impersonation, while cybercriminals will likely refine tactics to bypass new safeguards. Meanwhile, celebrities and influencers may push for stricter ownership protocols, potentially forcing a rethink of how digital identity is protectedโor commodifiedโon social platforms.
Bigger Picture
This breach reflects a growing trend where AI systems, intended to democratize access, become enablers of high-value fraud when security lags behind innovation. As social media handles gain real-world financial weight, the gap between platform governance and user expectations widens, risking erosion of trust in digital ecosystems. The episode also highlights a paradox: the more a company automates its operations, the more it must invest in fail-safes to prevent automated abuse.
