Description: CodeWall reported that its autonomous agent exploited vulnerabilities in McKinsey's Lilli AI platform and obtained unauthorized read and write access to production systems, allegedly exposing internal chat messages, files, user accounts, and prompts. McKinsey confirmed the vulnerability and said it fixed the issue within hours, but said it found no evidence that client data or client confidential information were accessed.
Editor Notes: Treated as an incident rather than an issue because the report alleges a realized unauthorized access event against McKinsey's live Lilli production system, with actual internal data and prompt-layer assets reportedly exposed, rather than just being a theoretical or unexploited vulnerability.
Entities
View all entitiesAlleged: McKinsey & Company , CodeWall , Retrieval-augmented generation (RAG) system , Lilli , CodeWall autonomous offensive agent , AI-powered enterprise search system and AI document analysis system developed and deployed an AI system, which harmed McKinsey & Company , McKinsey & Company employees , McKinsey & Company consultants , Lilli users and Privacy.
Alleged implicated AI systems: Retrieval-augmented generation (RAG) system , Lilli , CodeWall autonomous offensive agent , AI-powered enterprise search system and AI document analysis system
Incident Stats
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
2.2. AI system security vulnerabilities and attacks
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Privacy & Security
Entity
Which, if any, entity is presented as the main cause of the risk
AI
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional
Incident Reports
Reports Timeline
Loading...
McKinsey & Company --- the world's most prestigious consulting firm --- built an internal AI platform called Lilli for its 43,000+ employees. Lilli is a purpose-built system: chat, document analysis, RAG over decades of proprietary research…
Variants
A "variant" is an AI incident similar to a known case—it has the same causes, harms, and AI system. Instead of listing it separately, we group it under the first reported incident. Unlike other incidents, variants do not need to have been reported outside the AIID. Learn more from the research paper.
Seen something similar?
Similar Incidents
Did our AI mess up? Flag the unrelated incidents
Similar Incidents
Did our AI mess up? Flag the unrelated incidents