For nearly two hours last week, Meta employees had unauthorized access to company and user data because an AI agent gave an employee inaccurate technical advice, as previously reported by The Info. Meta spokesperson Tracy Clayton said in a statement to The Verge that “no consumer knowledge was mishandled” during the incident.
A Meta engineer was using an internal AI agent, which Clayton described as “related in nature to OpenClaw inside a safe growth setting,” to analyze a technical question another employee had posted on an internal company forum. But after analyzing the question, the agent also independently replied to it publicly, without getting approval first. The reply was only meant to be shown to the employee who requested it, not posted publicly.
An employee then acted on the AI’s advice, which “supplied inaccurate info” that led to a “SEV1”-level security incident, the second-highest severity rating Meta uses. The incident temporarily allowed employees to access sensitive data they weren’t authorized to view, but the issue has since been resolved.
According to Clayton, the AI agent involved didn’t take any technical action itself beyond posting inaccurate technical advice, something a human could also have done. A human, however, might have done further testing and made a more complete judgment call before sharing the information, and it’s not clear whether the employee who originally prompted the answer planned to post it publicly.
“The worker interacting with the system was absolutely conscious that they have been speaking with an automatic bot. This was indicated by a disclaimer famous within the footer and by the worker’s personal reply on that thread,” Clayton commented to The Verge. “The agent took no motion apart from offering a response to a query. Had the engineer that acted on that identified higher, or did different checks, this might have been averted.”
Last month, an AI agent from open-source platform OpenClaw went more directly rogue at Meta when an employee asked it to sort through emails in her inbox, deleting emails without permission. The whole idea behind agents like OpenClaw is that they can take action on their own, but like any other AI model, they don’t always interpret prompts and instructions correctly or give accurate responses, a fact Meta employees have now discovered twice.

