GoKawiilAI evaluation startup Braintrust has urged customers to revoke and replace their API keys after an earlier breach of customer secrets.
According to an email sent to customers Monday and seen by TechCrunch, the startup confirmed “unauthorized access” in one of its Amazon Web Services cloud accounts, which contained API keys used by customers for accessing cloud-based AI models.
“We’ve communicated with one impacted customer and to date have not found evidence of broader exposure,” read the email.
The email asked “every customer to rotate” any of the API keys that they store with Braintrust.
Braintrust disclosed the security incident on its website on Tuesday. “The incident has been contained, and in the meantime, we’ve locked down the compromised account, audited and restricted access across related systems, and rotated internal secrets.”
The company said the cause of the breach is under investigation.
Braintrust spokesperson Martin Bergman told TechCrunch that the company sent the email to customers “out of an abundance of caution,” and that it “confirmed a security incident, but there is no evidence of a breach at this time.”
Techcrunch event This Week Only: Buy one pass, get the second at 50% off
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register before May 8 to bring a +1 at half the cost. This Week Only: Buy one pass, get the second at 50% off
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register before May 8 to bring a +1 at half the cost. San Francisco, CA | REGISTER NOW
... continue reading