AI evaluation startup Braintrust confirms data breach
Original: AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Why This Matters
Shows vulnerability risks in AI infrastructure platforms handling sensitive credentials
AI evaluation startup Braintrust confirmed unauthorized access to its AWS cloud account containing customer API keys. The company told all customers to rotate their sensitive API keys after the security incident.
Braintrust, an AI evaluation platform valued at $800 million, disclosed a security breach involving unauthorized access to one of its Amazon Web Services cloud accounts. The compromised account contained API keys used by customers to access cloud-based AI models. The company sent emails to customers Monday asking them to rotate all API keys stored with Braintrust 'out of an abundance of caution.' Braintrust said it has communicated with one impacted customer and found no evidence of broader exposure. The incident has been contained, with the company locking down the compromised account, auditing related systems, and rotating internal secrets. The cause remains under investigation.