Braintrust reports unauthorized AWS-account access and tells customers to rotate provider keys
Braintrust said an internal AWS account was accessed without authorization, notified one affected customer, and told users to rotate org-level AI provider keys. The incident matters because teams storing shared model credentials in Braintrust may need immediate secret rotation while the investigation continues.

TL;DR
- Braintrust's incident post disclosed unauthorized access to an internal AWS account and said the company had contacted one impacted customer.
- In the same thread, Braintrust's key-rotation instructions told customers with org-level AI provider keys stored in Braintrust to rotate and revoke those secrets.
- The company linked a live security bulletin in its incident post and said in its follow-up that the investigation is still ongoing.
From Braintrust's initial disclosure, the useful detail is the narrow scope Braintrust has described so far: one impacted customer, no evidence of broader exposure to date, and a specific warning about org-level provider credentials. The linked security bulletin is where Braintrust said it would post updates, while the rotation instructions point users directly to the org secrets settings page.
AWS account access
Braintrust said an internal AWS account was accessed without authorization, according to Braintrust's incident post. The company also said it had already communicated with one impacted customer and had not found evidence of broader exposure at the time of posting.
That makes this a credentials story as much as an infrastructure story. The first public guidance in Braintrust's thread opener was the link to Braintrust's security bulletin, not a root-cause explanation.
Provider key rotation
Braintrust's most concrete action item came from the second thread post, which specifically called out org-level AI provider keys stored in Braintrust.
It told customers to:
- visit the org secrets settings page
- rotate each secret on the corresponding AI provider page
- delete or revoke the existing secret
- confirm the replacement secrets show they were configured that day
The wording matters. Braintrust did not issue a blanket rotate-everything message in the tweet thread. It named org-level AI provider keys in Braintrust as the precautionary target.
Investigation status
In Braintrust's follow-up, the company said the investigation remained ongoing and that it would keep updating the security bulletin with more information. The same post said the team had already communicated details to customers and was available for questions.
That follow-up adds one fact not present in the first post: Braintrust framed the bulletin as the continuing source of record for incident updates, not just the place where the disclosure first appeared.