A critical security flaw in Instagram's new AI chatbot feature has left millions of British users vulnerable to data breaches, security researchers have confirmed. The exploit, discovered by a team at the University of Cambridge's Cyber Security Centre, allows attackers to bypass the chatbot's guardrails and extract personal information, including direct messages and payment details.
The vulnerability lies in the chatbot's natural language processing model. By crafting specific prompts, attackers can trick the AI into revealing sensitive data that should be isolated from the conversation interface. Meta, Instagram's parent company, has acknowledged the issue but has yet to release a patch.
'This is a textbook example of an AI alignment problem,' said Dr. Eleanor Hayes, lead researcher on the team that uncovered the flaw. 'The chatbot was designed to be helpful and conversational, but it lacks the robust security boundaries needed to protect user data. It's like building a smart assistant that can't tell the difference between asking for the weather and asking for your bank details.'
The breach affects users who have opted into Instagram's experimental AI chatbot feature, which was rolled out to a subset of users in the UK last month. The feature uses a large language model similar to those powering ChatGPT and Google's Bard, but with customisations for social media interactions.
Early reports suggest that attackers have already exploited the flaw to access accounts belonging to several high-profile British influencers and businesses. The Information Commissioner's Office has launched an investigation, and users are being urged to disable the chatbot feature immediately.
'This isn't just a technical glitch,' warned Julian Vane, Technology & Innovation Lead for The Standard. 'It's a systemic failure in how we deploy AI in consumer products. The rush to integrate generative AI without adequate security testing is creating a landscape ripe for exploitation. We're seeing the 'Black Mirror' consequences unfold in real time.'
The exploit raises broader questions about the safety of integrating AI chatbots into everyday apps. Unlike traditional software bugs, AI vulnerabilities can be exploited in novel ways without requiring any code injection. The same technology that enables seamless conversation also allows for unpredictable and often undesirable outputs.
Meta has stated that it is working on a fix, but has not provided a timeline. In the meantime, users are advised to review their privacy settings and consider disabling the chatbot feature. Security experts recommend against sharing any sensitive information via AI chatbots until robust safeguards are in place.
This breach serves as a stark reminder that the future of technology is not just about what we can build, but how responsibly we deploy it. As AI becomes more embedded in our daily lives, the line between innovation and risk grows ever thinner. For now, British users remain in a state of digital limbo, waiting for a fix that may come too late for those already compromised.
