The chatbot had been tricked. An attacker had impersonated her, bypassed identity checks using prompt injection, and socially engineered the bot into triggering a reset. No MFA. No human review. Just a helpful AI, eager to please.