Overview
Severity: CRITICAL | Affected: Nexus AI | Category: breach
Nexus AI, a leading developer of enterprise-grade foundation models, disclosed a severe data breach. Attackers exploited a misconfigured cloud storage bucket, gaining access to terabytes of sensitive data. This included pre-release proprietary model weights for their upcoming 'Nexus-5' multimodal model, extensive curated training datasets containing proprietary corporate information from clients, and internal API keys. The breach highlights the significant supply chain risk associated with using third-party AI platforms and the immense value of training data as a target for corporate espionage. The company has initiated a full-scale forensic investigation and has notified affected enterprise customers. The incident is expected to have a significant financial impact and has raised concerns about the security practices of major AI labs.