Meta employees were able to access sensitive user data after an engineer followed flawed advice from an AI agent.
First reported by The Information, the incident prompted a security review and stemmed from an engineering technical query on an internal company forum.
An engineer is said to have posted a question hoping for advice from colleagues, one of whom used an AI agent to analyze the question, which then gave a response without permission.
According to The Information, when the employee acted on the agent’s advice it led to huge amounts of company data being exposed to unauthorized engineers for over two hours.
Meta gave the incident a “Sev 1” rating, the second-highest incident response identifier used internally. Meta has confirmed an incident took place, but told The Guardian “no user data was mishandled”.
ITPro has approached Meta for comment.
Nik Kairinos, CEO and co-founder of AI safety platform RAIDS AI, said the incident underlines the potential data protection risks associated with AI agents, particularly when it comes to taking advice at face value.
“What’s notable about the Meta incident is that the AI agent didn’t need privileged access to cause a breach. It just needed a human to trust its output,” he said.
“That’s a fundamentally different threat model than most organizations are planning for,” Kairinos added.
AI agent adoption is surging globally, research shows. Analysis from EY last year found nearly half (48%) of technology sector executives plan to adopt agentic AI tools, or are somewhere along the adoption process.
These autonomous bots often require deep access to internal company data to work efficiently however, prompting concerns about security and data privacy.
Identity security in particular has become a key focus for enterprises since the advent of agents, with many introducing new processes to prevent unauthorized access to certain environments.
Research from Okta in August 2025 found 78% of security leaders identified control access and permissions for “non-human identities” as their main security concern.
Separate research from SailPoint showed agents are proving troublesome for enterprises and often performing actions without instruction.
More than one-third (39%) of respondents revealed agents had accessed unauthorized systems while 33% access inappropriate data.
32% also admitted that agents had downloaded inappropriate data, posing huge security risks.
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
