Instagram accounts compromised due to a vulnerability in Meta’s automated technical support system

Posted date 16/06/2026

From 17 April to 31 May, Instagram experienced a cybersecurity incident, and the company officially identified the anomaly during this period. The incident arose from the active exploitation of a critical vulnerability in one of the automated internal systems the company uses for user management. Over this time, various malicious actors exploited a validation flaw in the technical support workflows to compromise access to thousands of personal profiles on the social network, systematically and at scale.

The vulnerability was due to a coding error in the AI-assisted support tool known as ‘High Touch Support’ (HTS), which allowed cybercriminals to request that password reset links be sent to external email addresses not originally associated with the targeted accounts, facilitating the hijacking of profiles that lacked two-factor authentication (2FA). According to official data provided by Meta, a total of 20,225 Instagram users worldwide were affected by this vulnerability, with confidential information such as direct messages, contact details, dates of birth and private posts being compromised. As an immediate response following the discovery of the flaw, the company completely disabled the HTS tool, invalidated all fraudulently generated reset links and implemented a mandatory security checkpoint to force victims to re-authenticate and change their passwords.

Meta has officially stated that the technical security issue has been resolved and that all affected Instagram accounts are now secured against further unauthorised access. The company has also formally confirmed that the AI-assisted recovery tool will remain inactive until the authentication verification at the account recovery entry point has been definitively corrected. Finally, the company’s management has announced that a comprehensive review of all similar account recovery workflows across all Meta Group platforms is currently underway, with the explicit aim of identifying and proactively addressing any other potential issues of a similar nature.
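The control described above, as an added example that is not Meta's code (the notice does not describe HTS internals): a reset link may only go to an address already verified on the account, and a review of past reset records lists the links to invalidate and the accounts to send through a checkpoint. The `Account` model, the log fields and all sample values are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Account:                    # hypothetical account record
    user_id: str
    verified_emails: frozenset    # addresses the owner confirmed beforehand
    two_factor: bool = False

def normalize(addr):
    # Compare addresses case-insensitively and ignore stray whitespace.
    return addr.strip().lower()

def resolve_reset_destination(account, requested_email):
    """Return the on-file address to mail the link to, or None to refuse.

    The requested address is only used to select among addresses already
    verified on the account; it is never used as the destination itself.
    """
    wanted = normalize(requested_email)
    for on_file in account.verified_emails:
        if normalize(on_file) == wanted:
            return on_file
    return None

def audit_reset_log(accounts, log):
    """Review issued reset links; return (token ids to revoke, users to checkpoint)."""
    revoke, checkpoint = [], set()
    for entry in log:
        acct = accounts.get(entry["user_id"])
        if acct and resolve_reset_destination(acct, entry["sent_to"]):
            continue                            # link went to a verified address
        revoke.append(entry["token_id"])        # off-file destination: invalidate
        if acct and not acct.two_factor:
            checkpoint.add(acct.user_id)        # link alone was enough: force re-auth
    return revoke, checkpoint

# Constructed sample data, not taken from the incident.
ACCOUNTS = {
    "u1001": Account("u1001", frozenset({"owner@example.com"})),
    "u1002": Account("u1002", frozenset({"second@example.com"}), two_factor=True),
}
RESET_LOG = [
    {"token_id": "t-1", "user_id": "u1001", "sent_to": "Owner@Example.com "},
    {"token_id": "t-2", "user_id": "u1001", "sent_to": "outsider@example.net"},
    {"token_id": "t-3", "user_id": "u1002", "sent_to": "outsider@example.net"},
]

if __name__ == "__main__":
    print(audit_reset_log(ACCOUNTS, RESET_LOG))
```

Running the same destination check at issuance time, before any link is generated, is what prevents the off-file entries from appearing in the log in the first place.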