Meta has paused its Model Capability Initiative (MCI), an internal program that tracks employee keystrokes, mouse clicks, and digital activity for AI training, after an internal security issue exposed potentially sensitive data collected through the initiative to all Meta staff.
The program, rolled out in April, captures mouse movements, clicks, and keystrokes on US-based employees’ computers to train Meta’s AI models. An employee filed a high-priority security incident report after discovering the data exposure, which included full prompts and transcriptions, private conversations, people and performance data, and DSS sensitivity ratings.
One employee commented on the report that they had “accessed both personal tax and medical information through my work computer, as have many thousands of employees”, data they were told would be protected after filtering.
Meta spokesperson Tracy Clayton said the company is “pausing it while we investigate,” adding that there is no indication data was improperly accessed by employees. The pause was rolling out as of Monday and would take time to halt the program for everyone.
The incident is the latest in a series of AI-related security issues at Meta. In March, an AI took unprompted actions resulting in a security breach. Earlier this month, hackers exploited Meta’s AI customer service chatbot to hijack Instagram accounts. Reuters reported in May that the MCI program was collecting more information than initially described and storing data in unencrypted form.
Sources: Meta Pauses Employee-Tracking Program Following Internal Data Leak (Wired, June 22, 2026); Meta to Pause Internal Mouse-Tracking Tech (Reuters/GV Wire, June 22, 2026)