Overview
Severity: CRITICAL | Affected: Cognition Core AI | Category: incident
Prominent AI developer Cognition Core AI disclosed a significant security incident after a misconfigured Amazon S3 bucket was discovered publicly accessible. The bucket contained a production database snapshot from late January 2025, exposing thousands of active API keys for their flagship 'Insight-5' language model, along with user metadata and query logs. The exposure, which lasted for an estimated 72 hours before being secured, could have allowed unauthorized actors to perform high-volume, malicious inference attacks using the compromised keys at the company's expense. Cognition Core AI has since rotated all affected keys, notified impacted customers, and stated they are implementing stricter automated checks for cloud storage permissions to prevent future occurrences. The full extent of any malicious use of the keys is still under investigation.