ctipilot.ch


Meta discloses 20,225 Instagram account takeovers via an AI support-tool logic flaw; Maine AG notification filed 8 June

From CTI Daily Brief — 2026-06-10 · published 2026-06-10

Meta filed a breach notification with the Maine Attorney General on 8 June disclosing that a logic flaw in its AI-assisted account-recovery tool ("High Touch Support") allowed unauthorised actors to hijack 20,225 Instagram accounts between 17 April and 31 May 2026 (BleepingComputer, 2026-06-08). A separate code path failed to verify that the email address supplied with a reset request matched the account's registered address, so the reset link was sent to the attacker-provided address — a confused-deputy bypass requiring no prior knowledge of the victim's email, phone or password (Security Affairs, 2026-06-08). Accounts with two-factor authentication enabled were protected from full takeover even when the reset link was obtained. Meta disabled the tool on discovery (31 May), invalidated pending reset links, and will notify affected users on 19 June.

Why it matters to us: this is the AI-support-automation risk class in practice — a "helpful" AI workflow induced to act on attacker-supplied identity claims without cross-checking authoritative records (T1078, T1556). Organisations deploying AI help-desk or self-service account-recovery tools should audit whether the AI decision path can be steered by attacker-controlled email or identity input, and enforce 2FA so that a password-reset bypass alone does not yield account takeover.
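The flaw described above (reset link mailed to the requester-supplied address instead of the address on record) and the 2FA mitigation in the paragraph that follows are shown side by side in this added example. It is constructed for this brief and is not Meta's code; the account store, usernames, the `OUTBOX` mail capture and the token handling are all assumptions for illustration.

```python
"""
Constructed demo of the account-recovery anti-pattern in the brief: a reset
path that trusts the caller-supplied email address, beside a hardened path
that only ever mails the registered address, plus a 2FA-aware redemption step.
All accounts, addresses and helper names are assumptions, not a real system.
"""
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Account:
    username: str
    registered_email: str
    two_factor_enabled: bool = False
    password_hash: str = "old-hash"


# Constructed sample account store (assumption).
ACCOUNTS: Dict[str, Account] = {
    "alice": Account("alice", "alice@example.com", two_factor_enabled=False),
    "bob": Account("bob", "bob@example.com", two_factor_enabled=True),
}

# Captures (recipient, token) for every "email" sent, so the flow is observable.
OUTBOX: List[Tuple[str, str]] = []
# Outstanding reset tokens -> username.
PENDING_TOKENS: Dict[str, str] = {}


def _issue_token(username: str) -> str:
    token = secrets.token_urlsafe(32)
    PENDING_TOKENS[token] = username
    return token


def request_reset_vulnerable(username: str, supplied_email: str) -> str:
    """Flawed path: the supplied address is never compared with the record and
    the link is mailed to it, so the requester needs no knowledge of the
    victim's registered email, phone or password."""
    account = ACCOUNTS.get(username)
    if account is None:
        return "no such account"  # also an enumeration leak; kept to show the flaw
    token = _issue_token(username)
    OUTBOX.append((supplied_email, token))
    return "reset link sent"


def request_reset_hardened(username: str, supplied_email: str) -> str:
    """Hardened path: the supplied address is only used for a constant-time
    comparison against the authoritative record, and the link is mailed to the
    registered address regardless of what was supplied. The response is the
    same in every case so it cannot be used to confirm accounts or addresses."""
    account = ACCOUNTS.get(username)
    if account is not None and hmac.compare_digest(
        account.registered_email.lower().encode(), supplied_email.lower().encode()
    ):
        token = _issue_token(username)
        OUTBOX.append((account.registered_email, token))
    return "if the details match an account, a reset link has been sent"


def complete_reset(token: str, new_password_hash: str, second_factor_ok: bool) -> bool:
    """Redeem a single-use token. With 2FA enabled, holding the link alone is
    not enough: the second factor must also be presented."""
    username = PENDING_TOKENS.pop(token, None)  # consumed even on failure
    if username is None:
        return False
    account = ACCOUNTS[username]
    if account.two_factor_enabled and not second_factor_ok:
        return False
    account.password_hash = new_password_hash
    return True


def revoke_all_pending_tokens() -> int:
    """Containment step: invalidate every outstanding reset link at once."""
    count = len(PENDING_TOKENS)
    PENDING_TOKENS.clear()
    return count
```

Running the vulnerable path for an account without 2FA mails the token to whatever address the caller supplied and the redemption succeeds; for an account with 2FA the link is still misdirected but `complete_reset` refuses without the second factor, which is the partial protection the brief describes. The hardened path never mails an unverified address and returns an identical message whether or not the username or email matched.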