McKinsey realises the risk of rapid adoption of AI after hackers gain access to 46.5 million employee chat messages, 728000 ‘sensitive files’ and …

McKinsey & Company rushed to patch a serious security flaw in its internal AI platform after a cybersecurity researcher gained access to tens of millions of employee chat messages and hundreds of thousands of sensitive files – all within two hours. According to a report by The Financial Times (via CodeWall), the target was Lilli, the management consultancy’s in-house AI platform used daily by its 40,000 employees to plan strategy, analyse data, and build project plans and client presentations.

Researchers at CodeWall, a security startup that uses AI agents to continuously attack customers’ infrastructure to help them improve their security, say that the agent gained full read and write access to Lilli’s entire production database in under two hours.