Meta recently experienced an internal security incident caused by an "out of control" AI agent, which resulted in a large amount of sensitive data related to the company's users being exposed to unauthorized engineers in a short period of time.According to an incident report seen and reported by The Information, a Meta employee posted a request for help with a technical issue on an internal company forum as part of daily operating procedures.
Later, another engineer called an AI agent to analyze the request for help, but the agent directly generated and posted a reply without the engineer's confirmation. Meta has confirmed to The Information that this incident is true.
The problem is that this AI agent not only gave wrong suggestions, but also indirectly triggered serious data permission configuration errors. Question: After the employee adopted the agent's suggestion, the actions he took accidentally made a large amount of company and user-related data open to a group of engineers who did not have access to it within about two hours. Meta rated the incident as a "Sev 1" internal security issue, the second-highest severity level in the company's security classification system.
This is not the first time Meta has encountered "cross-border" behavior by AI agents. Summer Yue, head of security and alignment at Meta Superintelligence, previously posted on the X platform that her OpenClaw agent had deleted her entire inbox on her own initiative even though she explicitly requested "confirmation before any operation."
Despite successive encounters with security and reliability challenges brought about by "out of control" agents, Meta still maintains a radical layout in the direction of "agent AI". Just last week, Meta acquired Moltbook, a social platform similar to Reddit for AI agents such as OpenClaw to communicate and interact with each other, showing its determination to continue to bet on the AI agent ecosystem and application scenarios.