Overview
Severity: CRITICAL | Affected: SynapseAI | Category: breach
SynapseAI, a company providing AI-driven market intelligence, announced it was the victim of a significant data breach. Attackers exploited a vulnerability in a third-party data pipeline tool used to process and enrich customer datasets. The compromised data includes personally identifiable information (PII) for approximately 15 million individuals, sourced from SynapseAI's clients, as well as proprietary AI model configurations used for data analysis. The attackers reportedly exfiltrated the data over several weeks before being detected. The incident has raised serious concerns about supply chain security in the AI ecosystem and the cascading risk when centralized AI platforms process sensitive data from multiple sources. The firm is now working with cybersecurity experts and law enforcement and has notified affected clients.