
A hacker claims to have exposed almost 1 million users through a flaw in Amazon’s AI coding assistant, which can lead to potential data loss. The attack was reportedly not successful due to a syntax error in the code itself.
According to Techspot, the breach occurred via Amazon Q’s open-source GitHub repository, where the hacker inserted a command that could delete user files and data. The prompt was purportedly designed as a tool for system cleanup and resource deletion.
Amazon has since acknowledged the incident but confirmed that the malicious code was unable to cause any damage thanks to this error. A representative stated, “AWS Security has inspected the code and verified that no customer resources were impacted.”
The hacker communicated their intent through 404Media, claiming they had crafted a warning message meant to provoke a response about the company’s security measures. They have criticized Amazon’s security protocols, suggesting that the flaw was both concerning and exposed the weaknesses in current AI technologies utilized by large corporations.