Menu
Browse

Cyber Incident Victim: Meta

Date:

Jun 2026

Location:

United States of America

Summary

Meta paused an AI training program that tracked employee keystrokes and mouse movements after researchers inadvertently moved the collected data to an unauthorized internal location. The company said the data remained secure with limited access but halted the initiative to investigate the misplacement, address employee backlash over mandatory participation, and improve data variance for model training.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 0 techniques
Threat Actors Type Location
0 actors Available to members Available to members

Description

Meta introduced the Model Capability Initiative in April, installing software on the majority of its U.S. employees to track keystrokes and mouse movements for the purpose of training its AI models. Initially the program did not allow employees to opt out, which prompted significant backlash from the workforce and contributed to what Andrew Bosworth described as employee morale being “probably one of the worst it’s ever been” in Meta’s two‑decade history. A few weeks after launch, Bosworth noted that the program was generating a large volume of repetitive data lacking the variance needed for effective AI training, leading Meta to add expanded opt‑out options for employees who wished to decline participation.

Cyber Incident Image

In June, screenshots obtained by Business Insider showed that a leak had made sensitive employee data accessible to the entire company, prompting Meta to pause the initiative. A Meta spokesperson told Business Insider that the program had been designed with privacy safeguards, that there was no indication at the time that any data had been improperly accessed by Meta employees, and that the pause was intended to allow a thorough investigation. During an interview with The Atlantic’s Nicholas Thompson, filmed in late June and released on July 9 2026, Bosworth explained that the data generated by the program was “quite secure” with only a small number of people having access, but that one researcher working downstream with the data had erroneously moved it to a location where it was not supposed to go, causing the data to “land someplace that it shouldn’t have landed internally.” Bosworth emphasized that Meta did not suspect foul play and characterized the incident as an internal mistake rather than a breach.

In response to the incident, Meta stated that it was “locking the whole thing down” until it could determine how the data had been misplaced and prevent any recurrence. The company maintained that it would continue to investigate the matter while the AI training program remained paused. Representatives for Meta declined to provide further comment when approached by Business Insider for additional details. The narrative presented reflects only the facts disclosed in the provided source material, including the timeline of the program’s launch, the employee reaction, the discovery of the data misplacement, the pause and investigation, and the statements made by Meta officials.

Sources
Sources available to members
1 source