Meta AI breach: Rogue agent exposes sensitive data in major security scare

Meta AI agent has reportedly taken part in a major data breach, leading to exposure of the sensitive information for hours.

As reported by The Information, the incident took place when a Meta employee posted a technical query on an internal forum. The second employee used an in-house agentic AI to analyse the query. The agent posted a response without seeking the consent to do so.

After following the AI agent's recommendation, a security domino effect granted unauthorized engineers access to restricted Meta systems. As per Meta’s internal report, the breach was further worsened by other technical failures as well.

The company representative told The Information that “no user data was mishandled or exploited during the two-hour window.”

Meta labelled this incident as a “Sev 1” event, its second-highest severity level for internal security issues.

Last month, another Meta’s head of AI Safety & Alignment, Summer Yue experienced a similar situation where an OpenClaw agent went rogue and started deleting her Gmail inbox despite explicit instructions to seek confirmation before taking action.

“I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb,” Yue said in her post.

Earlier this month, Meta acquired Moltbook, a Reddit-style social media platform for OpenClaw agents where these agents talk and while the humans are observing entities.

Despite such incidents, the tech giants are pouring hefty investments to expand their presence in the agentic AI race.