Reading time 2 minutes
Add Meta to the list of companies that have had AI wreak havoc on their internal systems. According to a report from The Information, an AI agent, working on behalf of an engineer, provided guidance that ultimately led to sensitive user data being exposed to people who weren’t authorized to see it.
As is often the case with these situations, like the one that led to an AI agent deleting critical code and knocking a server offline at Amazon, the autopsy reads like a comedy of errors. Per The Information, it started with a Meta employee asking a technical question on an internal forum designed for employees to help each other when issues arise. An engineer saw the question and asked an AI agent to analyze, which resulted in the agent actually posting a response as the engineer. The original poster saw the guidance and, thinking it was coming from a fellow Meta employee, decided to act on it.
Turns out the AI agent didn’t quite know what it was talking about. When the employee acted on its advice, it reportedly made a massive amount of data, including sensitive company and user information, available to Meta employees who did not have clearance to view or access it. The exposure lasted for about two hours before it was fixed.
It’s not the first time someone at Meta has trusted an AI agent a bit too much. Earlier this year, Summer Yue, the director of safety and alignment at Meta’s superintelligence lab, handed the open-source AI agent OpenClaw access to her inbox. It ended up deleting all of her emails, even as she pleaded with it to stop.
Maybe that’s why Meta is looking outside of its own walls to find someone to help out with security. Wired reports that Moxie Marlinspike, the person behind Signal and its open-source encryption protocol, is working with Meta to bring end-to-end encryption to its AI chatbots.
Marlinspike has been working on an encrypted chatbot called Confer, and will reportedly be helping Meta integrate the technology into its own AI offerings—though his platform will continue to operate independently, so it doesn’t seem he’ll be joining the company.
“We are using LLMs for the kind of unfiltered thinking that we might do in a private journal – except this journal is an API endpoint to a data pipeline specifically designed for extracting meaning and context,” he wrote in a blog post. “As Meta builds more AI products beyond the basic chat paradigm, the privacy technology from Confer will be a part of the foundation of everything that is to come.”
Explore more on these topics
Share this story
Subscribe and interact with our community, get up to date with our customised Newsletters and much more.
Even when your power goes down, your Wi-Fi won't.
President Deals seems to be setting the global economy on fire.
Val Kilmer had a lot of unconventional beliefs, and the director claims this is what he wanted.
Who could have seen this coming?
Soon, you won't be able to access Meta's flagship metaverse experience on its flagship metaverse-experiencing device
A UK judge determined that a witness was being fed answers through his smart glasses during cross-examination.
©2026 GIZMODO USA LLC.
All rights reserved.
Source: Gizmodo