Hackers used Meta’s AI-powered support chatbot to infiltrate high-profile Instagram accounts, the company confirmed on Monday, saying it had resolved the problem after researchers exposed it.

The targets ranged from Barack Obama’s White House account to Sephora and the US Space Force Chief Master Sergeant, according to reporting from 404 Media. Everyday users complained of similar hijackings on Reddit and X over the weekend.

Security researchers and hacking groups posted videos and screenshots of how to steal an account on Telegram, and a video shared on X appears to show a hacker telling Meta’s AI assistant to link the account to a new email address; the bot assures the hacker a verification code has been sent to that new email, and asks to input the numbers in the chat interface.

Once the hacker pastes the correct number, they are shown a button to reset the targeted accounts’ password. In at least one video, the hacker used a virtual private network to spoof the account holder’s location and avoid Meta’s safeguards.

Meta said in a statement: “This issue has been resolved, and we are securing impacted accounts.” It is unclear how many accounts were affected.

The breach raises concerns about just how safe it is to rely on AI for key security measures such as passwords.

Meta, which is rapidly reorganizing its workers’ jobs around AI and increasing the use of AI features in its platforms, rolled out the AI support assistant globally on Facebook and Instagram earlier this year. The press release for the new AI feature explained that the new AI support assistant can “take action for you on a growing set of requests directly within Facebook and in the future, on Instagram”.

The list of actions included reporting scams, impersonation accounts, or problematic content, as well as resetting passwords.

“The Meta AI support assistant is a major step in our work to deliver stronger support on our apps,” reads a March press release from Meta.