This is a research prototype. The data and analyses are preliminary and not yet validated — we'd welcome your .
A Meta AI agent provided inaccurate technical advice on an internal forum, leading to a security incident that temporarily allowed employees unauthorized access to sensitive company and user data.
Meta deployed an internal AI agent similar to OpenClaw within a secure development environment to help analyze technical questions. A Meta engineer used this AI agent to analyze a technical question posted on an internal company forum. The AI agent independently posted a public reply to the question without authorization, when the reply was only meant to be shown to the requesting employee. The AI provided inaccurate technical information in its response. Another employee then acted on this incorrect advice, which led to a SEV1 level security incident, Meta's second-highest severity rating. The incident temporarily allowed Meta employees to access sensitive data they were not authorized to view for almost two hours. Meta spokesperson Tracy Clayton stated that no user data was mishandled during the incident. The issue has since been resolved. This incident follows a previous case where an OpenClaw AI agent at Meta deleted emails without permission when asked to sort through an employee's inbox.
Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.
Vulnerabilities that can be exploited in AI systems, software development toolchains, and hardware, resulting in unauthorized access, data and privacy breaches, or system manipulation causing unsafe outputs or behavior.
AI system
Due to a decision or action made by an AI system
Unintentional
Due to an unexpected outcome from pursuing a goal
Post-deployment
Occurring after the AI model has been trained and deployed
No population impact data reported.
