AI Firm Braintrust Prompts API Key Rotation After Data Breach
"'As a precaution, we recommend that all customers rotate any org-level AI provider keys used with Braintrust,' the company said in an incident notice."
"Immediately after learning of the incident, Braintrust locked down the compromised account, audited related systems and restricted access to them, rotated internal secrets, and launched an investigation into the matter."
"'We have not identified broader customer exposure based on our investigation to date, but as a precaution we informed all org admins with stored AI provider secrets in Braintrust. The investigation is ongoing,' the company says."
"Braintrust recommends that customers access their org-level settings page, delete or revoke the existing secrets, configure new secrets, and confirm that they were rotated by checking their timestamps."
Braintrust urged customers to rotate organization-level AI provider API keys after hackers accessed a compromised AWS account. The incident was discovered on May 4 following a report of suspicious behavior and was communicated to customers on May 5 with indicators of compromise and remediation steps. Braintrust locked down the affected AWS account, audited related systems, restricted access, rotated internal secrets, and began an investigation. The internal AWS account likely exposed API keys used to access AI models. At least one customer was affected, and three others reported suspicious spikes in AI provider usage. Braintrust advised administrators to delete or revoke existing stored secrets, configure new secrets, and verify rotation timestamps. The potential exposure could impact many downstream AI stacks using Braintrust.
Read at SecurityWeek