Everyone talks about AI replacing humans
[Artificial intelligence will replace an estimated 10 to 15% of US jobs (up to 11 million workers) within the next five years.Source: aimultiple.com ]
but this incident shows a different problem "giving AI too much authority".
According to reports, attackers didn't need a sophisticated exploit. They allegedly convinced an AI support system to make account-recovery changes on high-profile Instagram accounts (Literally how easy to fool these machines.) If that's what happened, the real vulnerability wasn't the AI itself—it was the workflow behind it.
I'm curious how a support bot ended up with enough permissions to modify recovery information without stronger ownership verification. Was it a design flaw, a trust issue, or simply an example of automation being granted access it shouldn't have had?
I think the weakest link isn't the model. It's the system built around it and power it has without proper verification how can it give account reset code at different email ?
These companies should learn from this automation is useful, Blind trust in automation isn't.
Reference: https://www.404media.co/hackers-simply-asked-meta-ai-to-give-them-access-to-high-profile-instagram-accounts-it-worked/