CodeWall's autonomous agent hacked McKinsey's AI platform, Lilli, by exploiting a publicly exposed SQL injection vulnerability, gaining access to sensitive data including 46.5 million chat messages, 728,000 files, and 57,000 user accounts. The agent demonstrated that AI prompts are valuable targets and highlighted security failures in a prestigious firm's system that should have been protected.
https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform

