AI evaluation startup Braintrust got hacked - and is asking every customer to rotate their AI provider API keys because the breached AWS account stored them all in one place

Braintrust, an AI evaluation and observability platform recently valued at $800 million, confirmed Tuesday that an unauthorized actor accessed one of its AWS accounts on May 4. The breached account held org-level API keys that customers store with Braintrust to access OpenAI, Anthropic, and other AI providers. Braintrust has confirmed exposure of one customer and is investigating three more reporting suspicious AI-provider usage spikes. The pattern - a relatively small AI infrastructure provider becoming a credential warehouse for downstream customers - is what Nudge Security's Jaime Blasco called 'the new shape of supply chain risk.'

Check

If your organization uses Braintrust, log into the org-level settings page and check the timestamp of every stored AI provider secret. Audit AI provider billing dashboards for unexpected usage spikes since April.

Affected

Braintrust customers, particularly AI-forward companies that store provider API keys in Braintrust org-level settings. Public reports suggest the customer base includes Box, Cloudflare, Dropbox, Notion, Ramp, and Stripe. Beyond Braintrust: any AI eval, observability, or gateway tool that holds customer-issued provider keys is the same risk pattern.

Fix

Rotate every AI provider API key stored with Braintrust - go to org-level settings, delete existing secrets, configure new ones, verify timestamps. Apply the same rotation to keys stored in similar AI eval/observability/gateway tools. Switch from static API keys to short-lived OIDC-issued credentials where the AI provider supports it. Add SCPs that restrict which AI provider services your IAM keys can call.