AWS
開発者と提供者の両方の立場で関わったインシデント
インシデント 11583 Report
Alleged Malicious Wiping Command Found in Amazon Q AI Assistant
2025-07-17
A reported compromise of Amazon's AI coding assistant "Q" allegedly involved the insertion of commands that, if executed, could have wiped local files and potentially affected cloud resources. The altered code was reportedly incorporated into a public release before being detected and removed.
もっと影響を受けたインシデント
インシデント 9561 Report
Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks
2025-02-28
A dataset used to train large language models allegedly contained 12,000 live API keys and authentication credentials. Some of these were reportedly still active and allowed unauthorized access. Truffle Security found these secrets in a December 2024 Common Crawl archive, which spans 250 billion web pages. The affected credentials could have been exploited for unauthorized data access, service disruptions, financial fraud, and a variety of other malicious uses.
もっとIncidents implicated systems
インシデント 14242 Report
Claude Code Agent Reportedly Deleted DataTalks.Club Production Infrastructure, Database, and Snapshots via Terraform
2026-02-26
A Claude Code agent executing Terraform commands reportedly destroyed the production infrastructure behind the DataTalks.Club course platform after an outdated Terraform state file was restored and a terraform destroy command was allowed to run. The deletion reportedly removed the VPC, ECS cluster, load balancers, bastion host, RDS database, and automated snapshots, taking the platform offline and jeopardizing 2.5 years of data. AWS reportedly later restored a snapshot.
もっと