Contact information, direct messages and connected accounts potentially compromised, Meta said.
Hackers used Meta AI to hack into 20,225 Instagram accounts, Meta reported in a government data breach notice on 6 June.
According to the notice, the breach occurred on 17 April, but wasn’t discovered by the company until more than a month later, on 31 May.
The company explained that hackers exploited a now-resolved bug in its AI-assisted support tool, designed to help Instagram users access their account after being logged out.
“HTS (High Touch Support) is an AI-assisted support tool designed to help users who are locked out of their Instagram accounts regain access,” said Amber Hannah, Meta’s associate general counsel for incident response legal.
