BotBeat

POLICY & REGULATION | Braintrust | 2026-05-06

Braintrust Confirms Unauthorized Access to AWS Account, Urges Customers to Rotate API Keys

Key Takeaways

  • Braintrust confirmed unauthorized access to an AWS account containing customer API keys used for cloud-based AI model access
  • The company advised all customers to rotate and replace their stored API keys despite reporting no evidence of actual data breach
  • One customer confirmed impacted; investigation into the breach cause ongoing
Source: Hacker News, https://techcrunch.com/2026/05/06/ai-evaluation-startup-braintrust-confirms-breach-tells-every-customer-to-rotate-sensitive-keys/

Summary

AI evaluation startup Braintrust confirmed unauthorized access to one of its Amazon Web Services (AWS) cloud accounts that contained customer API keys used for accessing cloud-based AI models. The company sent notification emails to customers Monday and subsequently disclosed the incident publicly on Tuesday, requesting that all customers rotate and replace any API keys stored with Braintrust as a precautionary measure.

According to Braintrust, the incident has been contained and the company has locked down the compromised account, audited and restricted access across related systems, and rotated internal secrets. The startup has communicated with one impacted customer and reports finding no evidence of broader exposure. CEO Martin Bergman stated the company notified customers "out of an abundance of caution," clarifying that while a security incident was confirmed, "there is no evidence of a breach at this time."

Braintrust, which provides a platform for companies to monitor and evaluate AI models and products, raised $80 million in Series B funding in February at an $800 million valuation. The security incident reflects a broader pattern where attackers target corporate cloud service accounts as an efficient way to steal API credentials and gain unauthorized access to downstream systems.

  • The incident mirrors similar cloud-based breaches (CircleCI 2023, European Commission 2024), highlighting the widespread targeting of cloud service accounts by threat actors