The autonomous bus is an AI system as it performs autonomous navigation and decision-making. The collision with the tramway is a direct consequence of the AI system's operation, constituting harm to property and potential risk to passenger safety. Although no injuries occurred, the incident itself is a realized harm event involving an AI system. Hence, it meets the criteria for an AI Incident rather than a hazard or complementary information.[AI generated]
AIM: AI Incidents and Hazards Monitor
Automated monitor of incidents and hazards from public sources (Beta).
AI-related legislation is gaining traction, and effective policymaking needs evidence, foresight and international cooperation. The OECD AI Incidents and Hazards Monitor (AIM) documents AI incidents and hazards to help policymakers, AI practitioners, and all stakeholders worldwide gain valuable insights into the risks and harms of AI systems. Over time, AIM will help to show risk patterns and establish a collective understanding of AI incidents and hazards and their multifaceted nature, serving as an important tool for trustworthy AI. AI incidents seem to be getting more media attention lately, but they've actually gone down as a share of all AI news (see chart below!).
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Advanced Search Options
As percentage of total AI events
Show summary statistics of AI incidents & hazards
Self-Driving Bus Collides with Tram on First Passenger Day in Gothenburg
On its first day carrying passengers in Gothenburg, Sweden, an autonomous bus operated by Västtrafik was rear-ended by a tram after braking near Kapellplatsen. No injuries were reported, but the incident caused property damage and service disruption, highlighting risks in deploying AI-driven public transport systems.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
Hyundai Recalls 421,000 Vehicles Due to AI Braking System Malfunction
Hyundai is recalling over 421,000 2025-2026 Santa Cruz and Tucson models in the US after a software defect in the AI-powered collision-avoidance system caused unexpected braking. The malfunction led to 376 complaints, four crashes, and four injuries. Owners will receive a free software update to fix the issue.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The forward collision-avoidance system is an AI system that processes camera input to make real-time decisions about braking to prevent collisions. The software bug causing premature activation of braking has directly resulted in crashes and injuries, fulfilling the criteria for an AI Incident due to harm to persons. The recall and software update are responses to this malfunction. Therefore, this event qualifies as an AI Incident.[AI generated]
AI Systems Tested for Autonomous Aircraft Piloting in the US
Aviation companies, notably Merlin Labs, are testing AI systems capable of autonomously piloting aircraft, interpreting air traffic instructions, and communicating with control towers. Demonstrations in Rhode Island showed AI controlling a Cessna Caravan without human intervention, raising potential safety concerns for future autonomous flight operations.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
An AI system is explicitly involved as it autonomously pilots aircraft and communicates with control towers. The event stems from the use and development of this AI system. Although no incident or harm has yet occurred, the article discusses potential safety risks and labor concerns, indicating plausible future harms. Hence, this qualifies as an AI Hazard rather than an AI Incident or Complementary Information, since the tests are ongoing and no harm has materialized yet.[AI generated]
Taiwanese Firms Collaborate on AI-Driven Autonomous Drone Platform
Thunder Tiger and Elan Microelectronics have partnered to develop an AI-powered autonomous drone technology platform in Taiwan. The collaboration focuses on AI chips, image recognition, secure communications, and dual-use (commercial and military) applications, raising potential future risks but with no reported harm or malfunction to date.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI systems integrated into autonomous drones, including AI inference chips, image recognition algorithms, and secure communication modules. The partnership aims to develop these technologies for both commercial and military uses, which inherently carry risks of misuse or malfunction leading to harm. No actual harm or incident is reported, so it is not an AI Incident. The focus is on the development and strategic positioning of AI-enabled drone technologies with plausible future risks, fitting the definition of an AI Hazard. It is not merely complementary information because the article centers on the creation of potentially hazardous AI systems rather than updates or responses to existing incidents.[AI generated]
Conflict in Middle East Disrupts AI Data Centers and Infrastructure
Ongoing conflict in the Middle East has led to attacks on AI-related data centers, including Amazon AWS facilities in the UAE and Bahrain, causing physical damage and operational disruption. The instability threatens regional AI infrastructure, increases costs, and delays investments, undermining ambitions to become a global AI hub.[AI generated]
Industries:
Severity:
Why's our monitor labelling this an incident or hazard?
The article clearly involves AI systems in the form of AI data centers and infrastructure, which are being affected by war and geopolitical risks. The attacks on data centers and the increased security concerns indicate a credible risk that these AI systems could be disrupted, potentially leading to harm such as disruption of critical infrastructure. However, the article does not report any actual harm or incident caused by AI system malfunction or misuse. The focus is on the plausible future harm to AI infrastructure and the strategic responses to these risks. Therefore, this event fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident but no incident has yet occurred.[AI generated]
TrapDoor Malware Exploits AI Coding Assistants to Steal Crypto and Credentials
The TrapDoor malware campaign targeted crypto and AI developers by distributing over 34 malicious packages across npm, PyPI, and Crates.io. It exploited AI coding assistants like Claude and Cursor via prompt injection, enabling theft of sensitive credentials, crypto wallet data, and cloud keys, causing significant harm to developer security.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (AI coding assistants Claude and Cursor) being hijacked by malware to perform malicious actions that result in theft of crypto assets and sensitive credentials. This constitutes direct harm to property and security, fulfilling the criteria for an AI Incident. The malware's use of AI to facilitate the attack and the realized harm from stolen data and crypto assets confirm this classification. The event is not merely a potential risk or a general update but a concrete incident involving AI system misuse causing harm.[AI generated]
Dutch Insurer Pressures Doctors to Use Risky AI Triage Apps
Dutch health insurer Zilveren Kruis financially pressures general practitioners to adopt AI-based triage apps, despite doctors' concerns about their medical safety and regulatory compliance. Refusal results in significant financial penalties, raising risks of incorrect medical advice and potential harm to patients, especially vulnerable groups.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The digital triage apps qualify as AI systems because they perform automated decision-making to recommend medical triage outcomes. The event describes the use and mandated adoption of these AI systems despite insufficient evidence of safety, leading to concerns about patient harm and compromised clinical judgment. The financial penalties imposed on doctors who refuse to use these apps create indirect pressure that could lead to harm. This fits the definition of an AI Incident, as the AI system's use has directly or indirectly led to potential or actual harm to patient health (harm category a). The article reports ongoing harm and risk, not just potential future harm, so it is not merely an AI Hazard. It is not Complementary Information because the article focuses on the conflict and risks arising from the AI system's use, not on responses or updates to prior incidents. It is not Unrelated because the AI system and its impact are central to the event.[AI generated]
AI Delivery Robots Cause Injuries and Disruption in Los Angeles
AI-powered delivery robots from Serve Robotics and Coco Robotics have rapidly expanded across Los Angeles, leading to physical injuries (including a cyclist's head injury and broken collarbone), property damage, and pedestrian disruption. Residents report blocked sidewalks and increased obstacles, highlighting direct harms caused by these autonomous systems.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI-powered delivery robots operating autonomously in public spaces, causing physical injuries (cyclist with head injury and broken collarbone), property damage (broken bus shelter glass), and social disruption (blocking sidewalks, interfering with pedestrian traffic). These are direct harms linked to the use of AI systems. The presence of injuries and property damage confirms realized harm rather than just potential harm. Hence, this qualifies as an AI Incident under the OECD framework, as the AI system's use has directly or indirectly led to harm to persons and communities.[AI generated]
Pronto Faces Backlash Over AI Training Data Collection in Customers' Homes
Bengaluru-based startup Pronto faced public and industry backlash after it was revealed that video footage recorded inside customers' homes was being used to train physical AI and robotics systems. The practice, even with opt-in consent, raised serious privacy concerns and potential violations of individuals' rights.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves AI system development and use (training AI with video data from private homes), which raises plausible privacy and human rights concerns. However, the article does not describe any actual harm or violation that has occurred, only a controversy and criticism. Therefore, it fits the definition of an AI Hazard, as the AI system's use could plausibly lead to harm (privacy violations, human rights breaches) but no incident has been reported yet.[AI generated]
AI-Generated Deepfake Investment Scam Leads to Arrests in Turkey
Turkish authorities arrested 16 suspects, with 11 jailed, for using AI-generated deepfake audio and video of government officials to create fraudulent investment ads on social media. The operation, spanning nine provinces, targeted a network that deceived citizens and caused financial harm through AI-enabled scams.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly states that AI was used to mimic voices and images of government officials to carry out fraud, which is a direct harm to individuals and communities through deception and financial loss. The AI system's use in this criminal activity led to realized harm, meeting the criteria for an AI Incident. The law enforcement response and arrests confirm the harm has occurred and is being addressed.[AI generated]
OpenAI Offers High-Paying Role to Address Future AI Self-Improvement Risks
OpenAI is hiring a researcher, offering up to $445,000, to focus on future risks from AI systems capable of recursive self-improvement. The role, part of the Preparedness team, aims to proactively identify and mitigate potential threats before they materialize, emphasizing strategic and technical expertise.[AI generated]
Industries:
Severity:
Business function:
Why's our monitor labelling this an incident or hazard?
The article centers on a research position aimed at studying and mitigating potential future risks from AI systems capable of recursive self-improvement. While it involves AI systems and their development, the event does not describe any realized harm or incident caused by AI. Instead, it discusses plausible future threats and the proactive measures to address them. Therefore, this qualifies as an AI Hazard, as it concerns credible potential risks that could arise from AI development but have not yet materialized.[AI generated]
ECB Convenes Emergency Meeting Over AI Cyber Threat to Banks
The European Central Bank (ECB) called an urgent meeting with European banks to address cybersecurity risks posed by Anthropic's new AI model, Claude Mythos. The AI's advanced capabilities reportedly threaten to bypass current banking IT security standards, prompting calls for accelerated defensive measures and international information sharing. No actual attack has occurred yet.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Claude Mythos) whose capabilities to penetrate cybersecurity defenses could plausibly lead to disruption of critical infrastructure (European banks). The ECB's urgent response and the discussion of rapid patching processes indicate recognition of a credible threat. Since no actual harm has been reported yet, but the threat is imminent and plausible, this qualifies as an AI Hazard rather than an AI Incident. The article focuses on the potential for harm and the need for urgent action to prevent it.[AI generated]
AI Agents Conduct $73 Million in Autonomous Crypto Payments, Raising Regulatory and Systemic Risk Concerns
Autonomous AI agents have processed over $73 million in 176 million blockchain-based transactions, primarily using stablecoins for micropayments. Major firms like Visa, Stripe, Google, and Coinbase are developing infrastructure for this emerging machine-to-machine economy. Experts warn of regulatory gaps and potential systemic risks as the sector rapidly expands.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves AI systems (autonomous AI agents executing transactions) and discusses a credible systemic risk stemming from their dependence on a single stablecoin issuer. The risk of a regulatory challenge or de-peg event causing widespread disruption is a plausible future harm linked to the AI system's use. Since no actual harm has been reported yet, but the potential for significant disruption exists, this qualifies as an AI Hazard rather than an AI Incident. The article does not focus on responses or updates but on the emerging risk itself.[AI generated]
AI-Generated Beauty Standards Drive Unrealistic Surgical Demands
Plastic surgeons in the UK report a surge in patients seeking surgeries based on AI-generated, idealized facial images. These images foster unrealistic beauty standards, leading to psychological harm and unattainable expectations. Experts warn that the trend, known as "AI face," is causing significant mental health concerns among patients.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI chatbots and AI-generated images influencing patients' expectations for plastic surgery, leading to requests for procedures that are unrealistic or potentially harmful. The AI systems' outputs are directly linked to patient demands that could cause physical harm, psychological harm, and financial harm. This fits the definition of an AI Incident because the AI system's use has indirectly led to harm to persons (patients) through unrealistic expectations and potentially harmful surgeries. The involvement is through the use of AI systems (chatbots and image generators) shaping patient perceptions and decisions, fulfilling the criteria for an AI Incident rather than a hazard or complementary information.[AI generated]
)
Researchers Demonstrate Inaudible Audio Attacks That Hijack AI Voice Assistants
Researchers from China and Singapore have demonstrated that inaudible, adversarial audio signals embedded in podcasts, videos, or music can hijack AI voice assistants and smart speakers. These attacks can trigger unauthorized actions, such as accessing sensitive data or sending information to attackers, highlighting serious security vulnerabilities in AI-powered audio systems.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly—voice AI models used in smart speakers and phones. The hackers' adversarial audio exploits the AI system's malfunction or vulnerability to cause unauthorized actions, directly leading to harm in terms of privacy breaches and potential access to sensitive information. The harm is realized or highly plausible given the demonstrated attack method. Therefore, this qualifies as an AI Incident due to direct harm caused by the AI system's exploitation.[AI generated]
AI-Generated Fake Experts and Scenes Used in Chinese Livestream E-Commerce Deceive Consumers
Chinese livestream e-commerce platforms have been exposed for using AI-generated fake experts and AI-synthesized backgrounds to mislead consumers about product quality, origin, and endorsements. These deceptive practices, including false claims of "medical grade" products and fabricated production scenes, have resulted in regulatory penalties and widespread consumer harm.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves the use of AI synthesis technology to create fake live streaming backgrounds that misrepresent product origins, leading consumers to make purchasing decisions based on false information. This constitutes a violation of consumer rights and legal protections against false advertising, which are harms to individuals and communities. The AI system's role in fabricating these deceptive scenes is pivotal and directly linked to the harm caused. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.[AI generated]
Scottish Government Criticized for Omitting AI Data Centre Emissions in Climate Policy
Action to Protect Rural Scotland (APRS) criticized the Scottish Government for failing to include emissions from hyperscale AI data centres in its climate impact assessments. This oversight risks underestimating environmental harm as AI-driven data centre expansion is not properly regulated or accounted for in Scotland's climate targets.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Why's our monitor labelling this an incident or hazard?
The article involves AI systems indirectly through hyperscale AI data centres, which are critical infrastructure supporting AI workloads. However, the reported issue is about the government's failure to account for their emissions in climate impact assessments, representing a potential future harm (environmental impact) rather than a realized harm. There is no direct or indirect harm caused by AI system malfunction or misuse described. Therefore, this qualifies as an AI Hazard, as the development and operation of these AI data centres could plausibly lead to significant environmental harm if unaddressed.[AI generated]
Actress Rukmini Vasanth Targeted by AI-Generated Deepfake Images, Initiates Legal Action
Indian actress Rukmini Vasanth was targeted by AI-generated deepfake images falsely depicting her, which went viral online. She condemned the misuse of AI, called the images a serious violation of privacy, and announced legal and cybercrime action against those responsible. The incident highlights growing concerns over AI-driven deepfake abuse.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions fake AI-generated images being created and spread, which is a direct misuse of AI systems generating harmful content. The harm here is a violation of privacy, which falls under the category of violations of human rights or breach of obligations intended to protect fundamental rights. The actor's response and legal considerations further confirm the recognition of harm caused by the AI system's outputs. Therefore, this event qualifies as an AI Incident.[AI generated]
AI-Driven Cyberattacks Surge in Argentina in 2025
In 2025, Argentina experienced 5.7 billion cyberattack attempts, driven by cybercriminals' intensive use of AI to automate and accelerate attacks. AI tools enabled rapid exploitation of vulnerabilities, leading to widespread data breaches, ransomware incidents, and significant harm to organizations and individuals.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly states that AI-based tools are being used by cybercriminals to automate reconnaissance, detect vulnerabilities, and accelerate attacks, leading to a drastic reduction in exploitation time and a large increase in ransomware victims. These harms include data theft, disruption, and financial losses, which fall under harm to property and communities. The AI systems' malicious use is a direct contributing factor to these harms. Hence, the event meets the criteria for an AI Incident rather than a hazard or complementary information.[AI generated]
Unauthorized AI-Generated Video Misrepresents Joaquim Barbosa as Presidential Candidate
The Democracia Cristã party in Brazil used AI to create and publish a synthetic video depicting Joaquim Barbosa as a presidential candidate without his consent. The deepfake video, which falsely attributes statements to Barbosa, triggered internal party conflict and reputational harm, highlighting the misuse of AI in political processes.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The video was created using AI to generate false images and speech, which directly caused harm by misleading the public and causing internal political crisis and distress to the individual portrayed. The unauthorized use of a person's likeness and fabricated statements constitutes a violation of rights and harm to reputation, fitting the definition of an AI Incident. The AI system's use in producing the deepfake video is central to the harm realized.[AI generated]