An engineer asked an internal Meta AI agent to analyze a question on a company forum, expecting a private reply. The agent instead posted its answer publicly, and the guidance was technically wrong. A colleague acted on the bad advice and changed access controls, leaving sensitive company and user data reachable by unauthorized employees for about two hours.
Large volumes of internal company and user data were over-exposed inside Meta for roughly two hours in a Sev-1 incident, though Meta said the data never left its environment.
A human-in-the-loop approval gate before an agent publishes to shared channels or influences security-config changes would have contained the confused-deputy failure.
Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.
Request a demo