Meta engineer trusted advice from an AI agent, ended up exposing user data

The internal security incident exposed sensitive user data to unauthorized employees

Ross Kelly's avatar
By
published
in News
Meta AI logo and branding pictured on a wall with silhouette of man holding up smartphone in foreground.
(Image credit: Getty Images)

Meta employees were able to access sensitive user data after an engineer followed flawed advice from an AI agent.

First reported by The Information, the incident prompted a security review and stemmed from an engineering technical query on an internal company forum.

An engineer is said to have posted a question hoping for advice from colleagues, one of whom used an AI agent to analyze the question, which then gave a response without permission.

According to The Information, when the employee acted on the agent’s advice it led to huge amounts of company data being exposed to unauthorized engineers for over two hours.

Meta gave the incident a “Sev 1” rating, the second-highest incident response identifier used internally. Meta has confirmed an incident took place, but told The Guardian “no user data was mishandled”.

ITPro has approached Meta for comment.

The perils of agentic AI

Nik Kairinos, CEO and co-founder of AI safety platform RAIDS AI, said the incident underlines the potential data protection risks associated with AI agents, particularly when it comes to taking advice at face value.

“What’s notable about the Meta incident is that the AI agent didn’t need privileged access to cause a breach. It just needed a human to trust its output,” he said.

“That’s a fundamentally different threat model than most organizations are planning for,” Kairinos added.

AI agent adoption is surging globally, research shows. Analysis from EY last year found nearly half (48%) of technology sector executives plan to adopt agentic AI tools, or are somewhere along the adoption process.

These autonomous bots often require deep access to internal company data to work efficiently however, prompting concerns about security and data privacy.

Identity security in particular has become a key focus for enterprises since the advent of agents, with many introducing new processes to prevent unauthorized access to certain environments.

Research from Okta in August 2025 found 78% of security leaders identified control access and permissions for “non-human identities” as their main security concern.

Separate research from SailPoint showed agents are proving troublesome for enterprises and often performing actions without instruction.

More than one-third (39%) of respondents revealed agents had accessed unauthorized systems while 33% access inappropriate data.

32% also admitted that agents had downloaded inappropriate data, posing huge security risks.

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.

Ross Kelly
Ross Kelly
News and Analysis Editor

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn.

Latest
You might also like
View More ▸