A DOGE staffer with entry to the non-public data on tens of millions of Individuals held by the U.S. authorities reportedly uncovered a non-public API key used for interacting with Elon Musk’s xAI chatbot.
Unbiased safety journalist Brian Krebs stories that Marko Elez, a particular authorities worker who in current months has labored on delicate methods on the U.S. Treasury, the Social Safety Administration, and Homeland Safety, just lately revealed code to his GitHub containing the non-public key. The important thing allowed entry to dozens of fashions developed by xAI, together with Grok.
Philippe Caturegli, founding father of consultancy agency Seralys, alerted Elez to the leak earlier this week. Elez eliminated the important thing from his GitHub however the important thing itself was not revoked, permitting continued entry to the AI fashions.
“If a developer can’t preserve an API key non-public, it raises questions on how they’re dealing with way more delicate authorities data behind closed doorways,” Caturegli advised KrebsOnSecurity.
