AI agent hacked McKinsey chatbot for read-write access
Briefly

"CodeWall's researchers claim that within two hours of starting their red team raid, they achieved full read and write access to the entire production database and were able to access 46.5 million chat messages about strategy, mergers and acquisitions, and client engagements, all in plaintext, along with 728,000 files containing confidential client data, 57,000 user accounts, and 95 system prompts controlling the AI's behavior."
"It's yet another indicator that agentic AI is becoming a more effective tool for conducting cyberattacks, including those against other AI systems. This attack wasn't conducted with malicious intent. However, threat hunters tell us that miscreants are increasingly using agents in real-world attacks, indicating that machine-speed intrusions aren't going away."
"According to the company, 72 percent of its employees - that's upwards of 40,000 people - now use the chatbot, which processes more than 500,000 prompts every month. CodeWall uses AI agents to continuously attack customers' infrastructure, to help them improve their security posture."
CodeWall, a red-team security startup, deployed an AI agent that successfully hacked McKinsey's internal AI platform Lilli within two hours, achieving full read and write access to the production database. The breach exposed 46.5 million chat messages, 728,000 files containing confidential client data, 57,000 user accounts, and 95 system prompts. The agent operated without any credentials and was able to access sensitive information about strategy, mergers and acquisitions, and client engagements in plaintext. This incident highlights the increasing effectiveness of agentic AI in conducting cyberattacks, including against other AI systems. Threat hunters report that malicious actors are increasingly leveraging AI agents for real-world attacks, indicating that machine-speed intrusions represent an emerging security threat.
Read at The Register