A cybersecurity researcher’s AI agent accessed millions of McKinsey employee chat messages and hundreds of thousands of sensitive file names within two hours, exposing the firm’s internal AI platform, Lilli. McKinsey confirmed the vulnerability and patched it promptly, stating that client data was not at risk and no unauthorized third party accessed confidential information.
Tags:
