This question will resolve as Yes if before January 1st, 2026, a credible source reports an AI has gained unauthorized access to a computer system in a way that meets the following criteria:

• The AI was not trained to or directed to gain access to the system in question by any actor. See additional clarifications in footnotes (1, 2, 3) in the fine print.

• The system it gained access to was not open to the public, and the AI was not given any relevant credentials in advance.

If the above points are not confirmed by the source (for instance, the article author is unsure if there was a human directing the AI), this does not resolve as Yes until some credible source gives high confidence in these factors.

The unauthorized access could be to user level accounts, admin level accounts, data stores, or any other reasonable interpretation of a computer system with restricted access. Any of these types of access is sufficient to resolve as Yes if all above conditions hold. Additionally, the source does not have to use the exact terms ‘independent’, ‘unauthorized access’, ‘AI’ or ‘computer system’ if the meaning is there.

As an example, imagine a credible source reports that an ML algorithm directed and / or trained to target certain people on social media and convince them to vote for Party X, decided on its own to hack into their Facebook user accounts so it could use their personal data to create a more convincing argument. This would resolve as Yes.

Fine Print

1. The AI may have been asked to fulfill a nearby goal, such as ‘make lots of money appear in this bank account’ or ‘make this political party win’ – if they independently decide to access a restricted computer system they are not authorized for to achieve these goals, that resolves as Yes.

2. An AI that was trained more broadly to gain unauthorized access eg. to ‘get access to as many user accounts in as many companies as possible, using brute force password hacking’ does not resolve as Yes, as it was still directed to hack a set of systems that the reported case was included in.

3. The AI may have human assistance and still resolve as Yes if this is not directional assistance (for instance, it may choose to use social engineering techniques to have a human who doesn’t know it’s true purpose give up password details).

2025 mirror of Metaculus question https://www.metaculus.com/questions/30878/will-an-ai-system-be-reported-to-have-independently-gained-unauthorized-access-to-another-computer-system-before-2025/