Braintrust said hackers accessed an AWS account and may have exposed org-level AI provider API keys, prompting the company to advise customers to rotate their secrets immediately. The incident was discovered on May 4, affected at least one customer, and led to internal lockdowns, secret rotations, and an ongoing investigation. #Braintrust #AWS #Box #Cloudflare #Dropbox #Notion #Ramp #Stripe
Keypoints
- Braintrust detected suspicious activity in its AWS account on May 4.
- The company locked down the account, audited systems, and rotated internal secrets.
- Customers were told to rotate any org-level AI provider API keys used with Braintrust.
- At least one customer was affected, and three others saw suspicious spikes in AI usage.
- The incident may have exposed secrets used by companies such as Box, Cloudflare, Dropbox, Notion, Ramp, and Stripe.
Read More: https://www.securityweek.com/ai-firm-braintrust-prompts-api-key-rotation-after-data-breach/