Meta has paused the Model Capability Initiative after an internal data-security incident exposed sensitive employee information collected through workplace activity tracking.
The program was introduced in April to help Meta train AI systems on how employees use work software. It captured mouse movements, clicks, keystrokes and occasional screen content from U.S.-based staff, creating a pool of real workplace interaction data for models designed to operate computers and complete software tasks.
The pause followed a data exposure involving private conversations, performance metrics, transcriptions and confidential employee material. Meta said it found no evidence that the data was improperly used, but the company has stopped the program while it examines the incident.
The breach escalated a privacy fight that had already been building inside the company. Participation was mandatory for many workers, and the collected data went beyond normal workplace telemetry. Employees had already pushed back against the initiative, with Reuters reporting in May that staff were organizing against the program through internal petitions and flyers opposing employee mouse-tracking technology.
Meta’s AI strategy depends on real interaction data. For agent-style systems, mouse movement, keyboard input, menus, internal tools and screen context can help models learn how people complete tasks across software. That makes employee workflows valuable training material, but it also makes storage permissions, access control and encryption part of the AI pipeline.
The exposed information was not only generic usage data. Wired reported that the internal lapse made large volumes of MCI-related data accessible across Meta, widening the incident from a narrow tracking dispute into a broader governance failure around sensitive workplace data.
That is the sharper issue for Meta and other AI companies. Internal work data is increasingly valuable because it can train systems to operate software, automate office tasks and mimic real employee workflows. But once that data includes performance context, private conversations or screen activity, a weak permission layer can turn AI training infrastructure into an internal exposure point.
The risk resembles the wider security problem facing companies that store high-value operational data inside developer tools, internal systems and model pipelines. Recent corporate incidents, including a claimed Novo Nordisk GitHub token breach tied to cyber-extortion demands, show how internal technical access can become the entry point for larger data exposure.
The MCI pause follows earlier criticism that Meta’s rollout moved faster than its employee controls. Reuters reported in April that Meta planned to capture mouse movements, clicks and keystrokes from U.S.-based employees for AI training, then reported in early June that the company had scaled back parts of the plan by adding pause controls and exemption requests after staff pushback.
Those changes were meant to soften the privacy impact, but the latest incident shifts the concern from consent to security. If employee activity data is collected for model training, the strongest control is not only whether workers can pause collection. It is whether the resulting data tables, transcripts, screenshots and performance-related material are locked down tightly enough to avoid broad internal exposure.
The case also lands as AI systems gain more privileged roles across consumer platforms, support flows and enterprise software. Security incidents around credentials, activity data and account access remain especially relevant for financial and crypto users, where malware campaigns such as Microsoft’s USB-spread crypto clipper warning show how quickly sensitive input data can become an attack surface.
Meta’s MCI program remains paused while the company investigates a SEV 2 internal security incident tied to employee activity data. The exposed material included private conversations, performance-related information and transcriptions, and Meta has not given a restart date for the tracking system. Any return now depends on tighter access controls around the same keystroke, mouse-movement and screen-context data that the program was built to collect.
The post Meta Pauses AI Training Program After Employee Data Leak Exposes Internal Privacy Risk appeared first on Crypto Adventure.
