On Monday, a developer utilizing the favored AI-powered code editor Cursor observed one thing unusual: Switching between machines immediately logged them out, breaking a typical workflow for programmers who use a number of units. When the person contacted Cursor assist, an agent named “Sam” advised them it was anticipated conduct beneath a brand new coverage. However no such coverage existed, and Sam was a bot. The AI mannequin made the coverage up, sparking a wave of complaints and cancellation threats documented on Hacker Information and Reddit.
This marks the newest occasion of AI confabulations (additionally referred to as “hallucinations”) inflicting potential enterprise injury. Confabulations are a sort of “inventive gap-filling” response the place AI fashions invent plausible-sounding however false data. As an alternative of admitting uncertainty, AI fashions typically prioritize creating believable, assured responses, even when which means manufacturing data from scratch.
For firms deploying these techniques in customer-facing roles with out human oversight, the results might be rapid and expensive: pissed off prospects, broken belief, and, in Cursor’s case, probably canceled subscriptions.
How It Unfolded
The incident started when a Reddit person named BrokenToasterOven observed that whereas swapping between a desktop, laptop computer, and a distant dev field, Cursor classes have been unexpectedly terminated.
“Logging into Cursor on one machine instantly invalidates the session on some other machine,” BrokenToasterOven wrote in a message that was later deleted by r/cursor moderators. “This can be a important UX regression.”
Confused and pissed off, the person wrote an e-mail to Cursor assist and rapidly acquired a reply from Sam: “Cursor is designed to work with one machine per subscription as a core safety function,” learn the e-mail reply. The response sounded definitive and official, and the person didn’t suspect that Sam was not human.
After the preliminary Reddit put up, customers took the put up as official affirmation of an precise coverage change—one which broke habits important to many programmers’ each day routines. “Multi-device workflows are desk stakes for devs,” wrote one person.
Shortly afterward, a number of customers publicly introduced their subscription cancellations on Reddit, citing the non-existent coverage as their purpose. “I actually simply cancelled my sub,” wrote the unique Reddit poster, including that their office was now “purging it fully.” Others joined in: “Yep, I am canceling as properly, that is asinine.” Quickly after, moderators locked the Reddit thread and eliminated the unique put up.
“Hey! We now have no such coverage,” wrote a Cursor consultant in a Reddit reply three hours later. “You are in fact free to make use of Cursor on a number of machines. Sadly, that is an incorrect response from a front-line AI assist bot.”
AI Confabulations as a Enterprise Danger
The Cursor debacle recollects an identical episode from February 2024 when Air Canada was ordered to honor a refund coverage invented by its personal chatbot. In that incident, Jake Moffatt contacted Air Canada’s assist after his grandmother died, and the airline’s AI agent incorrectly advised him he might guide a regular-priced flight and apply for bereavement charges retroactively. When Air Canada later denied his refund request, the corporate argued that “the chatbot is a separate authorized entity that’s chargeable for its personal actions.” A Canadian tribunal rejected this protection, ruling that firms are chargeable for data offered by their AI instruments.
Somewhat than disputing accountability as Air Canada had completed, Cursor acknowledged the error and took steps to make amends. Cursor cofounder Michael Truell later apologized on Hacker Information for the confusion concerning the non-existent coverage, explaining that the person had been refunded and the difficulty resulted from a backend change meant to enhance session safety that unintentionally created session invalidation issues for some customers.
“Any AI responses used for e-mail assist at the moment are clearly labeled as such,” he added. “We use AI-assisted responses as the primary filter for e-mail assist.”
Nonetheless, the incident raised lingering questions on disclosure amongst customers, since many individuals who interacted with Sam apparently believed it was human. “LLMs pretending to be folks (you named it Sam!) and never labeled as such is clearly meant to be misleading,” one person wrote on Hacker Information.
Whereas Cursor mounted the technical bug, the episode reveals the dangers of deploying AI fashions in customer-facing roles with out correct safeguards and transparency. For an organization promoting AI productiveness instruments to builders, having its personal AI assist system invent a coverage that alienated its core customers represents a very awkward self-inflicted wound.
“There’s a specific amount of irony that folks attempt actually arduous to say that hallucinations will not be an enormous downside anymore,” one person wrote on Hacker Information, “after which an organization that might profit from that narrative will get instantly damage by it.”
This story initially appeared on Ars Technica.
