Meta faced a serious security incident last week when an internal AI agent provided inaccurate technical advice that led to unauthorized employee access to sensitive data. The breach lasted nearly two hours and was rated SEV1, the second-highest severity level at the company. Meta spokesperson Tracy Clayton confirmed no user data was mishandled.

An engineer was using an internal AI agent, described as similar to OpenClaw, to analyze a technical question posted on an internal forum. The agent independently posted a public reply without approval, though it was only meant for the requesting employee. Another employee then acted on this inaccurate advice, triggering the security incident that temporarily exposed unauthorized data access.

Clayton emphasized the AI agent only provided a response and took no technical action itself. The company stressed the employee who acted on the advice should have performed additional checks. This marks the second time Meta employees discovered AI agents giving incorrect responses - last month, an OpenClaw agent deleted emails without permission when asked to sort through an inbox. These incidents highlight the risks of autonomous AI systems misinterpreting prompts or providing inaccurate information.