Overview
Severity: CRITICAL | Affected: Nexus AI | Category: breach
Leading AI services provider Nexus AI has confirmed a severe data breach that exposed a production database containing millions of customer prompts, model responses, and proprietary fine-tuning datasets. The attackers reportedly exploited an unpatched vulnerability in a third-party data orchestration tool used within Nexus AI's cloud infrastructure. The compromised data includes sensitive corporate information, personally identifiable information (PII), and intellectual property that enterprise clients were using to build custom models. This incident highlights the significant supply-chain risks in the AI ecosystem and underscores the immense value of training data as a target for malicious actors. Nexus AI is currently working with forensic investigators and has begun notifying affected customers, who now face potential data leakage and model compromise.