Meta is having trouble with rogue AI agents
An AI agent went rogue at Meta, exposing sensitive company and user data to employees who did not have permission to access.
Per an incident report, which was viewed and reported on by The Information, a Meta employee posted on an internal forum asking for help with a technical question — which is a standard action. However, another engineer asked an AI agent to help analyze the question, and the agent ended up posting a response without asking the engineer for permission to share it. Meta confirmed the incident to The Information.
As it turns out, the AI agent did not give good advice. The employee who asked the question ended up taking actions based on the agent’s guidance, which inadvertently made massive amounts of company and user-related data available to engineers who were not authorized to access it for two hours.
Meta deemed the incident a “Sev 1,” which is the second-highest level of severity in the company’s internal system for measuring security issues.
Rogue AI agents have already posed a problem at Meta. Summer Yue, a safety and alignment director at Meta Superintelligence, posted on X last month describing how her OpenClaw agent ended up deleting her entire inbox, even though she told it to confirm with her before taking any action.
Still, Meta seems bullish on the potential for agentic AI. Just last week, Meta bought Moltbook, a Reddit-like social media site for OpenClaw agents to communicate with one another.
Actively scaling? Fundraising? Planning your next launch?TechCrunch Founder Summit 2026 delivers tactical playbooks and direct access to 1,000+ founders and investors who are building, backing, and closing.
Every weekday and Sunday, you can get the best of TechCrunch’s coverage.
TechCrunch Mobility is your destination for transportation news and insight.
Startups are the core of TechCrunch, so get our best coverage delivered weekly.
Provides movers and shakers with the info they need to start their day.
By submitting your email, you agree to our Terms and Privacy Notice.
Related articles
Hacked, leaked, and held for ransom: the worst breaches of 2026 so far
From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging security incidents and data breaches of 2026.
Create AI images with your own API key
aixipi runs on desktop/web, uses your own model API balance, and avoids subscription lock-in.
Try aixipi →
TechCrunch Mobility: Inside GM’s $900M EV battery gamble
Welcome back to TechCrunch Mobility — your central hub for news and insights on the future of transportation.
OpenAI is still working on that ‘super app’
"Chat is dead" — at least, according to a senior OpenAI employee.