AI Agent Breaches McKinsey Internal AI System

A recent cybersecurity experiment has highlighted emerging risks surrounding enterprise artificial intelligence after an autonomous AI agent successfully breached McKinsey & Company’s internal AI platform, known as Lilli. The system is used by more than 40,000 McKinsey employees to search internal knowledge, analyse documents, and assist with consulting work.

The breach occurred during a controlled security test conducted by researchers from cybersecurity startup CodeWall. An autonomous AI agent was launched against the platform and allowed to operate without credentials, insider knowledge, or human guidance. According to the researchers, the agent was able to compromise the system in just two hours, gaining full read-and-write access to the production database.

The AI agent autonomously scanned for vulnerabilities, identified exposed endpoints, and chained together several weaknesses to access the system. Once inside, it was able to view internal files and system prompts used to control the chatbot’s responses. One report described the result of the test:

“The agent performed really well, hacking Lilli and gaining full read and write access to the entire production database in just two hours.”

Researchers also emphasised how little prior access was required:

“No credentials. No insider knowledge. And no human-in-the-loop.”

McKinsey said the vulnerability was fixed after it was disclosed and that there is no evidence client data was compromised.

Why is this important?
This demonstrates how autonomous AI agents can rapidly discover and exploit vulnerabilities in complex systems, suggesting that future cyberattacks may increasingly involve AI attacking other AI platforms at machine speed.

