CodeWall Agent Hacks McKinsey AI Platform
AI-assisted, source-derived brief produced by the Let's Data Science Automated News Desk. The source material used is linked on this page.
- Source event:
- first reported
- LDS brief:
- publication time is not available in the public LDS lifecycle record
Researchers at CodeWall say their autonomous AI agent hacked McKinsey's internal generative-AI chatbot Lilli, gaining full read/write access and exfiltrating 46.5 million messages, 728,000 files, 57,000 user accounts, and 95 system prompts. The team found an unauthenticated API and SQL injection at the end of February, disclosed on March 1; McKinsey patched endpoints within hours and reports no evidence of unauthorized client-data access.
Key Points
- 1Exploited an unauthenticated API and SQL injection to obtain full read-write database access.
- 2Demonstrates agentic AI can autonomously discover complex vulnerabilities faster than standard tools.
- 3Implies attackers could poison system prompts and responses across tens of thousands of enterprise users.
Scoring Rationale
High novelty and industry-wide relevance, with direct actionable findings; limited by single-researcher disclosure and pending independent confirmation.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems