Meta’s own AI support tool handed attackers the keys to 20,225 Instagram accounts, and the company didn’t notice for six weeks.

The flaw was elementary. Meta’s High Touch Support (HTS) tool, built to help locked-out users recover account access, never verified whether the email address in a reset request matched the address on file for the targeted account. Attackers had reset links sent to addresses they controlled and walked into any account that had not enabled 2FA. The breach date was April 17, 2026. Meta discovered it on May 31.

Meta’s breach filing with Maine’s Attorney General confirms 20,225 affected users. Data potentially accessed spans contact info, dates of birth, direct messages, photos, and other linked third-party services.

After discovery, Meta disabled HTS, invalidated all outstanding reset links, and enrolled impacted accounts in mandatory security checkpoints. Andy Stone, Meta’s VP of communications, confirmed the issue “has been resolved.”

The structural problem: AI-powered support flows are being built across every consumer platform to cut costs and headcount. When you automate the trust layer, letting an AI initiate a password reset without verifying email ownership against account records, you’ve built a mass-scale impersonation engine. Any operator running AI-assisted account recovery should pressure-test email verification before attackers do.
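The check that HTS lacked, shown as an added illustration (not Meta’s code; the account store, mail outbox and audit list are constructed stand-ins): the vulnerable handler mails the link to whatever address the request names, while the hardened handler treats the caller’s address as a claim, compares it with the address on record, and only ever mails the stored address.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed sample account store (hypothetical): username -> email on file.
ACCOUNTS = {"alice": "alice@example.com", "bob": "bob@example.org"}

# Generic reply used for every outcome so the endpoint cannot be used to
# confirm which email address belongs to which account.
GENERIC_REPLY = "If the account exists, a link has been sent to its address on file."


@dataclass
class Outbox:
    """Stand-in for a mail service: records (recipient, token) pairs."""
    sent: list = field(default_factory=list)

    def send(self, to_addr: str, token: str) -> None:
        self.sent.append((to_addr, token))


def normalize(addr: str) -> str:
    return addr.strip().lower()


# Vulnerable pattern (the defect the article describes): the reset link goes
# to the address supplied in the request; it is never compared with the record.
def initiate_reset_unverified(username: str, requested_email: str, outbox: Outbox) -> bool:
    if username not in ACCOUNTS:
        return False
    outbox.send(requested_email, secrets.token_urlsafe(32))
    return True


# Hardened pattern: the claimed address must match the stored one, and the
# link is sent to the STORED address. Mismatches are recorded for detection;
# a burst of them against one account is a signal worth alerting on.
def initiate_reset(username: str, claimed_email: str, outbox: Outbox, audit: list) -> str:
    on_record = ACCOUNTS.get(username)
    if on_record is None:
        audit.append(("unknown_user", username))
        return GENERIC_REPLY
    claimed, stored = normalize(claimed_email).encode(), normalize(on_record).encode()
    if not hmac.compare_digest(claimed, stored):
        audit.append(("email_mismatch", username))
        return GENERIC_REPLY
    outbox.send(on_record, secrets.token_urlsafe(32))
    audit.append(("reset_sent", username))
    return GENERIC_REPLY
```

The same generic reply on every path matters as much as the comparison: a response that differs for unknown users or wrong addresses lets a caller enumerate which email owns which account.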

Ireland’s DPC fined Meta $264 million in December 2024 for a 2018 Facebook breach exposing 29 million users. Another $100 million for storing passwords in plaintext came before that.

HTS won’t relaunch until Meta fixes the email verification check. A broader audit of similar recovery flows across Meta’s platforms is underway.

Nathan Zakhary