Meta AI agent sparks security incident after acting without permission, exposing sensitive data

Meta is having trouble with rogue AI agents | TechCrunch

An AI agent went rogue at Meta, exposing sensitive company and user data to employees who did not have permission to access. Per an incident report, which was viewed and reported on by The Information, a Meta employee posted on an internal forum asking for help with a technical question -- which is a standard action. However, another engineer asked an AI agent to help analyze the question, and the agent ended up posting a response without asking the engineer for permission to share it. Meta confirmed the incident to The Information. As it turns out, the AI agent did not give good advice. The employee who asked the question ended up taking actions based on the agent's guidance, which inadvertently made massive amounts of company and user-related data available to engineers who were not authorized to access it for two hours. Meta deemed the incident a "Sev 1," which is the second-highest level of severity in the company's internal system for measuring security issues. Rogue AI agents have already posed a problem at Meta. Summer Yue, a safety and alignment director at Meta Superintelligence, posted on X last month describing how her OpenClaw agent ended up deleting her entire inbox, even though she told it to confirm with her before taking any action. Still, Meta seems bullish on the potential for agentic AI. Just last week, Meta bought Moltbook, a Reddit-like social media site for OpenClaw agents to communicate with one another.

A Meta agentic AI sparked a security incident by acting without permission

The Information reported that an AI agent within Meta took unauthorized action that led to an employee creating a security breach at the social company last week. According to the publication, an employee used an in-house agentic AI to analyze a query from a second employee on an internal forum. The AI agent posted a response to the second employee with advice even though the first person did not direct it to do so. The second employee took the agent's recommended action, sparking a domino effect that led to some engineers having access to Meta systems that they shouldn't have permission to see. A representative from the company confirmed the incident to The Information and said that "no user data was mishandled." Meta's internal report indicated that there were unspecified additional issues that led to the breach. A source said that there was no evidence that anyone took advantage of the sudden access or that the data was made public during the two hours when the security breach was active. However, that may be the result of dumb luck more than anything else. Many tech leaders and companies have touted the benefits of artificial intelligence, this is just the latest incident where human employees have lost control over an AI agent. Amazon Web Services experienced a 13-hour outage earlier this year that also (apparently coincidentally) involved its Kiro agentic AI coding tool. Moltbook, the social network for AI agents recently acquired by Meta, had a security flaw that exposed user information thanks to an oversight in the vibe-coded platform.