TL;DRA reported flaw in Meta’s AI support system affected 34,000 Instagram accounts, exposing personal data and enabling account takeovers.Attackers tricked an AI chatbot into changing account recovery emails, allowing them to reset passwords.Meta is reviewing the incident and notifying affected users, but has paused only the specific recovery tool involved while continuing its broader AI push.A few days ago, we reported on how Meta’s growing reliance on AI-powered support tools had seemingly opened the door to a new kind of security problem. Now, a fresh report from The New York Times suggests the issue may have been far more widespread than initially understood, affecting around 34,000 Instagram users. Of those, roughly 20,000 accounts were allegedly compromised, exposing personal information such as email addresses, phone numbers, and birth dates, while thousands more had their usernames changed or temporarily lost control of their profiles.Unlike many account breaches that rely on stolen passwords, phishing emails, or malware, this incident appears to have stemmed from something far more mundane: an automated support workflow that could be manipulated into performing actions it wasn’t supposed to.