Meta Suspends Internal AI Training Program After Employee Data Exposure
Meta halted its internal Model Capability Initiative (MCI) after a permissions misconfiguration exposed sensitive employee-monitoring data to the company’s broader workforce. The program, launched in April for U.S.-based employees, collected detailed telemetry including mouse movements, clicks, keystrokes, and occasional screenshots to train internal AI and machine-learning systems. Reuters-reported documents indicated the exposed data included private conversations, AI prompts and request transcripts, and other records gathered from internal systems.
Internal concerns had reportedly been raised earlier about both the intrusiveness of the monitoring and data-storage weaknesses, with a later security alert finding confidential information accessible in cleartext to Meta employees. The exposed material reportedly included named HR performance data and documents classified under DSS sensitivity levels 1 through 4. Meta said it has found no evidence of improper employee access or malicious exploitation, but it suspended the program while investigating and has not said when, or in what form, it may resume.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
6 events from the most recent confirmed update back to the earliest known activity.
Meta employees petition against MCI monitoring program
In May 2026, Meta employees petitioned against the Model Capability Initiative, raising concerns about privacy protections and the scope of telemetry collection for AI training. The reference says workers questioned the lack of completed privacy reviews and the vagueness of proposed mitigations.
Meta flags MCI data storage problems internally
Reuters reported that data storage issues related to the MCI program had already been flagged in May. This preceded discovery that collected confidential data was broadly accessible internally.
Internal alert finds MCI data exposed to all Meta staff
An internal security alert determined that confidential MCI training data was accessible in cleartext to any Meta employee because of a permissions misconfiguration. Exposed data reportedly included AI prompts and transcripts, private employee conversations, HR performance data, and documents with DSS sensitivity labels 1 through 4.
Meta launches internal MCI employee monitoring program
Meta began deploying its Model Capability Initiative (MCI) to U.S.-based employees in April 2026 to collect telemetry such as mouse movements, clicks, keystrokes, and occasional screenshots for AI training.
Meta pauses MCI program after internal data exposure
On 2026-06-22, Meta halted the Model Capability Initiative while it investigated the internal exposure of sensitive employee monitoring data. Meta said it had no evidence that employees improperly accessed the data or that the issue involved external malicious exploitation.
Meta detects unauthorized MCI data access and applies initial fix
Meta said it detected unauthorized internal access to MCI data on 2026-06-18 and fixed the issue within four hours. The company later acknowledged that the initial remediation was incomplete and that additional access restrictions were required.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
8 references tracked. Mallory keeps watching after this page renders.
Meta pauses mandatory AI training program that tracked employee keystrokes after internal data leak exposed sensitive staff information company-wide - employees express frustration over poor handling of data | Tom's Hardware
tomshardware.com
Open sourceMeta keylogs staff typing for AI training - then leaks it - Pivot to AI
pivot-to-ai.com
Open source"직원 데이터는 모으고 보호는 못했다"…메타 AI 실험에 경고음 | CIO
cio.com
Open sourceMeta pauses employee-tracking program amid data exposure concerns | brief | SC Media
scworld.com
Open sourceFuite de données chez Meta : l'entraînement de l'IA interne suspe ...
zdnet.fr
Open sourceMeta Pauses Employee Mouse-Tracking AI Training Program After Internal Data Exposure - gHacks Tech News
ghacks.net
Open sourceMeta Exposed Data Internally From Its Controversial Employee-Tracking Program | WIRED
wired.com
Open sourceMeta Pauses Employee-Tracking Program Following Internal Data Leak | WIRED
wired.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Meta AI Agent Guidance Triggered Internal Sensitive Data Exposure
Meta disclosed an internal **Sev 1 security incident** after an engineer followed troubleshooting advice generated by an AI agent on an internal forum, causing large volumes of company data to become accessible to unauthorized employees for more than two hours. Reporting cited by *IT Pro* and *The Guardian* said the exposure affected sensitive internal data and spread access beyond the intended group of engineers, raising concerns about how AI-generated operational guidance can directly alter permissions and data handling inside enterprise environments. Meta said an incident occurred but maintained that **no user data was mishandled**. The case has been highlighted as a warning about **agentic AI** in corporate settings, where staff may act on plausible but unsafe recommendations without adequate review. The reporting also underscored broader security issues tied to AI agents, including excessive access, weak validation of automated guidance, and identity governance challenges involving non-human accounts and systems.
May 25, 2026
Meta Halts Mercor Work After Breach Exposes Sensitive AI Training Data
Meta has indefinitely paused work with data contractor Mercor after a major breach at the startup raised concerns that proprietary human-generated training datasets used by leading AI companies may have been exposed. Mercor supplies training data to firms including **OpenAI** and **Anthropic**, and the incident has prompted other AI labs to reevaluate their ties to the company. Mercor confirmed the attack internally on March 31 and said it was linked to a broader incident affecting multiple organizations. The breach is considered especially sensitive because exposed datasets could reveal details about AI model training pipelines and other competitive information. OpenAI said it is investigating whether its proprietary training data was affected, while adding that no OpenAI user data was exposed. Reporting tied the intrusion to compromised versions of the `LiteLLM` AI API tool, with researchers attributing the activity to **TeamPCP** rather than a threat actor simply using the **Lapsus$** name; the disruption also reportedly affected contractor work on Meta-related projects, including **Chordus**.
May 7, 2026
Meta Halts Mercor Work After LiteLLM Supply-Chain Breach Exposes Candidate Data
Meta paused work with AI hiring startup Mercor after Mercor disclosed a breach tied to the malicious `LiteLLM` packages `1.82.7` and `1.82.8`, which were published to PyPI after attackers stole the project’s publishing token through a compromised CI/CD chain involving Trivy tooling. Security reporting said the tainted packages harvested credentials and deployed a multi-stage backdoor capable of stealing API keys, cloud credentials, SSH keys, Kubernetes tokens, CI/CD secrets, database passwords, and other sensitive data, leading responders to treat affected environments as fully compromised. Mercor said the incident exposed source code and candidate information, while reports citing the attackers said as much as **4TB** of data was taken, including candidate profiles, personally identifiable information, employer data, and API keys, with one claim alleging access via `Tailscale` VPN. The fallout spread quickly across Mercor’s customers and partners: Meta reportedly froze contracts indefinitely while investigating whether AI training data or related secrets were at risk, OpenAI reviewed its own exposure while keeping contracts in place, and the breach triggered lawsuits and broader scrutiny of software supply-chain risk across the AI ecosystem.
May 25, 2026