Meta, Anthropic & OpenAI hit by unexpected 4TB Data Breach +4 Moves
The Top 5 AI Governance Power Moves Week of Apr 7th 2026 Vol 40
Mercor just lost a billion-dollar client after a major data breach.
This week, while prepping for a talk on “Who Should Own AI Risk” with other Product Security and Platform leaders, one uncomfortable truth kept hitting us:
Too many organizations are still treating risk management (AI Governance included) as an afterthought.
It’s inexcusable.
It quietly destroys reputations, costs real money, and invites regulators to come knocking.
This kind of failure doesn’t come from bad luck. It comes from moving too fast, asking too few hard questions, and treating “bias for action” as an excuse to skip basic observability and security hygiene.
We’re far too quick to be in awe of these flashy AI companies. Sometimes we should be wagging our fingers instead.
Here’s my blunt advice to executives and decision-makers reading this:
Be strategically slow where it counts.
Don’t just ask what AI can do. Ask where you desperately need deliberate friction.
This week’s Top 5 developments all reflect this tension:
YC Parts Ways With Delve – $32M Funding
Mercor Breach Impacts OpenAI, Anthropic & Meta
Newsom Signs New AI Executive Order
Software Engineering Jobs Get a Boost (with major caveats)
Sam Altman Releases New Policy Proposal on Societal Changes from AI
This week’s developments score a 50 on the EvA index.
The EvA index ranks weekly developments on a single 0–100 scale where 0 = maximally exploitative and 100 = maximally accountable, so readers can instantly see whether leaders acted to protect people, rights, and oversight or to prioritize speed, control, or extraction.
1. Mercor: How To Lose Billion Dollar Clients
Exploitation vs Accountability Index: 30 (Exploitation)
Mercor disclosed a security incident in which an attacker gained unauthorized access to internal systems and exfiltrated user data, including personal information belonging to developers on the platform. The breach raised concerns about transparency, incident‑response maturity, and whether proper safeguards were in place. The fallout highlights how early‑stage tech companies handling sensitive data can scale faster than their security posture, and how weak controls or delayed disclosure erode trust quickly. Read more on TechRepublic.
Impact to AI Governance (AD’s Take)
I’ve noticed a disturbing trend when it comes to the companies propping up the AI pipeline. Think ScaleAI and Mercor’s other competitors: there’s not a lot of transparency or insight into their processes. But when it comes to a data breach this big, it reinforces the notion that there weren’t sufficient investments made in security and risk management.
👉 Executives: If you’re contracting an AI training company - you must have an understanding of the maturity of their security protocols.
2. True or Hype? Software Engineering Jobs Surge
Exploitation vs Accountability Index: 60 (Ethical Gray Area)
Tech companies posted over 67,000 software engineering roles in early 2026 — the highest level in more than three years. Much of the demand is tied to AI infrastructure, platform engineering, distributed systems, security, and data work. Read more on Business Insider.
What No One Will Tell You But I Will (AD’s Take)
Take this headline with a BIG grain of salt. Job numbers get revised all the time. Most of the time, they’re revised down. We still don’t have clear data on compensation packages, bonus/equity structures, or seniority mix. If you ask me, this looks like narrative. More like a selective rebound driven by AI arms-race spending than a broad recovery. AI isn’t eliminating these roles yet, but I believe that it’s changing their value and what companies are willing to pay for them.
👉 Hold measured optimism until updated jobs numbers and compensation details are shared.
3. Delve: Lack of Proper Due Diligence Burns YCombinator
Exploitation vs Accountability Index: 30 (Exploitation)
Delve, an AI-powered compliance startup, has been removed from Y Combinator after allegations that it produced fake or near-identical SOC 2 reports, misled customers, and rebranded open-source tools as proprietary products. Read more on TechCrunch.
AD’s Take: This is classic AI washing / compliance washing. We’ve seen this movie before (Builder, Frank, Theranos, and now Delve). Founders making promises that sound too good to be true, and sophisticated investors + accelerators failing at basic due diligence. I get the ick just thinking about it because some of the due diligence is as simple as sending an email. The real scandal here isn’t the deception - it’s how easily money and hype override scrutiny in the AI space.
👉 If you take nothing else away, know this - No legitimate compliance platform makes mid-to-large enterprises SOX/SOC 2 compliant in 6 months. That process usually takes 18–24 months because it’s about systems and process maturity, not a mere technology solution.
4. It’s Law: Newsom Signs New AI Order Into Effect
Exploitation vs Accountability Index: 75 (Accountable)
Gov. Gavin Newsom signed an executive order directing California agencies to set new standards for evaluating, purchasing, and using AI systems, with a focus on safety, transparency, bias and preventing misuse. The order requires vendors to demonstrate HOW their AI tools avoid harmful bias, protect privacy, and meet state-defined risk and performance criteria.
AD’s Take: This is one of the more substantive state-level moves we’ve seen. It forces public agencies to actually define risk criteria instead of blindly adopting vendor claims. California is trying to shape responsible AI norms where federal direction is weakening.
👉 Executives, Here’s What You Need To Know:
California’s Agencies kick off work on new standards now through EOY
Core enforcement set to take place on Jan 1 2027
5. Authentic or Con? OpenAI Industrial Policy Proposal
Exploitation vs Accountability Index: 55 (Ethical Gray Area)
Sam Altman and OpenAI released “Industrial Policy for the Intelligence Age,” proposing public wealth funds, four-day workweeks, stronger safety nets, taxes on automation gains, and major infrastructure upgrades to prepare for superintelligence. Read the proposal here.
AD’s Take: These are important topics that deserve serious discussion. However, the messenger undermines the message. Given OpenAI’s track record and the widespread skepticism (including blunt comments from peers like Dario Amodei), this feels more like positioning than a credible policy blueprint. The public would rather hear these ideas from elected leaders than from another self-appointed tech CEO.
🏁 The Close Out
This week’s developments expose a recurring failure: big bets funded with weak due diligence, underinvestment in ML security, and a rush to scale even as teams shrink.
That combination amplifies systemic risk: inflated claims get funded, exploitable models are deployed, and incident response capacity is thin.
Executives need to require more purposeful friction: enforceable third‑party audits, contractual SLAs that mandate breach notification and remediation, funded safety and MLOps roles, and investor checklists that require evidence, not slogans. Automation is only beneficial when it accelerates safe practices, not when it replaces accountability.
About
AD is a Stanford Certified Engineering Leader & MBA turned AI Governance Leader supporting small and midsize executive teams.





This really resonates - especially the point about deliberate friction.
One thing I keep seeing is that even when organizations add friction, observability, and controls,
the system can still drift over time.
Not because those mechanisms aren’t there,
but because nothing ensures they remain binding as the system evolves.
So the process looks governed -
while the underlying behavior is already shifting.
That’s where the risk becomes harder to detect.
Really appreciate both the updates and the contextual comments you provide here. Great stuff!