Meta Pauses an AI Training Program That Tracks Employees’ Keystrokes After an Internal Leak — What to Know

Meta Pauses an AI Training Program That Tracks Employees’ Keystrokes After an Internal Leak — What to Know

A Meta employee-monitoring program accidentally made sensitive workplace data available inside the company. Here’s what happened, what information was involved, and what lessons you can apply to protect your own privacy.

What Happened?

According to WIRED, Meta temporarily left sensitive information collected through an internal employee-monitoring program accessible to workers across the company.

The issue involved data gathered from employee laptops as part of Meta’s Model Capability Initiative, a project designed to help train artificial intelligence systems. The company said it is investigating the incident and has paused the data collection program indefinitely while the review takes place.

Meta’s Chief Technology Officer, Andrew Bosworth, told employees that a configuration error involving access controls (settings that determine who can view information) allowed the data to become accessible more broadly than intended.

Who Was Affected and What Data Was Leaked?

The incident involved information collected from Meta employees in the United States. Internal documents reviewed by WIRED indicated that data across roughly 45,000 internal databases was affected.

According to reports, the information may have included:

  1. Keystrokes typed on employee laptops
  2. Mouse clicks
  3. Content displayed on computer screens
  4. AI prompts and transcriptions
  5. Internal conversations
  6. Employee performance information

Meta said it has not found evidence that employees improperly accessed the information, but the company has not publicly shared exactly how many workers were affected.

Even when information is not stolen by outside criminals, data leaks can still create privacy risks. Personal conversations, workplace information, and other sensitive details could potentially be misused if they become available to people who should not have access.

Many people focus on major breaches in the news, but they may not realize their information was leaked in other incidents that received far less attention.

If you are not sure whether your information was leaked somewhere online, automatic monitoring can help you spot problems earlier. 

Futureproof monitors your data for leaks 24/7 and helps you reduce scam risks with simple, clear steps.

Keep your personal information scam-proof

Futureproof keeps your data safer with simple guidance to set a strong password, turn on 2-step verification, and lock down your account.

Check my safety

How Did the Data Leak Happen?

Meta said the incident was caused by misconfigured access control lists, often called ACLs.

In simple terms, access controls are the rules that decide who can view certain information. When those settings are configured incorrectly, sensitive data can become visible to people who were never supposed to see it.

Based on Meta’s statements, this was a data leak rather than a data breach. The available information suggests the data became accessible because of an internal configuration mistake, not because hackers broke into the company’s systems.