AI evaluation platform Braintrust has confirmed a security incident involving unauthorized access to one of its Amazon Web Services (AWS) cloud accounts. In response, the company has issued a critical directive to its entire customer base: immediately revoke and replace all API keys stored on its platform.
While the startup maintains that there is no evidence of a widespread data leak, the incident highlights the growing risks associated with third-party infrastructure in the rapidly expanding AI sector.
The Scope of the Incident
The breach was identified after an earlier exposure of customer secrets. In an email sent to customers on Monday, Braintrust acknowledged the “unauthorized access” to a specific AWS account that housed API keys used by clients to interact with cloud-based AI models.
According to the communication:
– The company has contacted at least one impacted customer.
– To date, there is no evidence of broader exposure beyond the initial account.
– The incident has been contained, with the compromised account locked down and internal secrets rotated.
Braintrust published a formal disclosure on its website on Tuesday, stating that the cause of the breach is currently under investigation. Martin Bergman, a spokesperson for the company, described the mass notification as a precautionary measure. He emphasized that while a security incident was confirmed, “there is no evidence of a breach at this time.”
Why This Matters for AI Infrastructure
Braintrust describes its platform as an “operating system for engineers building AI software,” providing tools to monitor and evaluate AI models. The company recently raised $80 million in Series B funding, valuing it at $800 million. However, this incident underscores a critical vulnerability in the AI supply chain.
Jaime Blasco, co-founder of cybersecurity startup Nudge Security, warned that the incident could have “downstream implications for affected customers.” Many AI companies rely heavily on platforms like Braintrust to manage their development workflows. If attackers gain access to these centralized hubs, they can potentially compromise multiple downstream systems simultaneously.
The Risk: Hackers frequently target cloud service accounts and third-party platforms because they offer a high-reward, low-effort entry point. Stealing API keys allows attackers to impersonate legitimate users, bypassing traditional perimeter defenses without needing to break into the target company’s primary systems.
A Familiar Pattern in Tech Security
This incident mirrors previous breaches in the software development ecosystem. Notably, CircleCI, a popular continuous integration and deployment platform, suffered a similar cloud data breach in 2023. Like Braintrust, CircleCI was forced to advise all customers to rotate “any and all secrets” stored within its infrastructure.
These events suggest a persistent trend: as software development and AI training become increasingly reliant on third-party tools, the attack surface expands. Security is no longer just about protecting one’s own servers; it requires rigorous management of credentials stored across the entire vendor ecosystem.
Conclusion
Braintrust’s breach serves as a timely reminder for organizations in the AI space to adopt a “zero trust” approach to third-party integrations. While the immediate impact appears contained, the necessity of rotating keys highlights the fragility of centralized credential management and the ongoing need for robust security hygiene across the tech industry.