Meta Instagram Recovery Flaw Exposed More Than 20,000 Accounts
ID: ac3fff72-3d00-5f81-9368-ebb5494627eb
STIX ID: report--ac3fff72-3d00-5f81-9368-ebb5494627eb
Feed Name: TechRepublic Security
Threat Score
Meta disclosed a flaw in its AI-assisted High Touch Support account-recovery tool that attackers exploited to send password recovery links to attacker-controlled emails, reportedly affecting over 20,000 Instagram accounts; attackers bypassed verification (including animated-image face spoofing and VPN-based geo-spoofing), account takeovers were mainly for accounts without 2FA, and Meta has disabled the tool and is securing affected accounts.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
