Braintrust Urges API Key Rotation After AWS Account Compromise

TL;DR: Braintrust confirmed unauthorized access to a single AWS account that stored customer API keys and urged all users to rotate those keys. The company says the incident is contained, with no evidence of wider exposure so far.

Context Braintrust, an AI evaluation startup valued at $800 million after an $80 million Series B round in February, provides a platform for monitoring AI models. On Monday it emailed customers about "unauthorized access" in one of its AWS cloud accounts, which held API keys used by customers to call external AI models. The email, seen by TechCrunch, asked every customer to rotate any API keys stored with Braintrust.

Key Facts Braintrust told TechCrunch it has contacted the one affected customer and found no evidence of broader exposure. It stated the breach was contained, the compromised AWS account locked down, access audited and restricted, and internal secrets rotated. The company said the cause remains under investigation and that the advisory was sent out of an abundance of caution.

What It Means The incident highlights how attackers target cloud credentials to move laterally into customer environments. Exploiting exposed API keys maps to MITRE ATT&CK technique T1078 (Valid Accounts) and T1552.001 (Unsecured Credentials: API Keys). Similar events include the 2023 CircleCI breach and a recent EU Commission AWS compromise that leaked 92 GB of data across 29 entities.

Mitigations / What Defenders Should Do - Immediately revoke and replace any API keys stored with Braintrust or similar third‑party platforms. - Enable AWS CloudTrail logging and set alerts for anomalous IAM usage (e.g., new access keys from unfamiliar IPs). - Apply the principle of least privilege: restrict API key permissions to only required actions and rotate them on a 90‑day schedule. - Scan repositories and configuration files for hard‑coded keys using tools like git‑secret or TruffleHog. - Review CISA’s AA23‑062A advisory on securing cloud workloads for additional detection signatures.

Watch for any follow‑up statements from Braintrust regarding the root cause and whether additional customer accounts show signs of compromise.