I've got no idea who codewall is. Is there acknowledgment from McKinsey that the...

rzmmm · 2026-03-11T15:07:05 1773241625

Yeah can't find much information either. I would like to see at least some proof. Either via Mckinsey or from the security team.

doron · 2026-03-11T15:36:48 1773243408

it is weird isn't it? The register article implies that it's acknowledged by McKinsey- https://www.theregister.com/2026/03/09/mckinsey_ai_chatbot_h...

Edit: Apparently, this is the CEO https://github.com/eth0izzle

sigmar · 2026-03-11T16:17:32 1773245852

>A McKinsey spokesperson told The Register that it fixed all of the issues identified by CodeWall within hours of learning about the problems.

Ah. Thanks for the link. I'm suspicious of everything posted to a blog without proof these days.

darkport · 2026-03-11T20:57:01 1773262621

We’re pretty new! :) They didn’t want to provide comment on our post but they did offer comment via The Register.

philipwhiuk · 2026-03-11T17:35:15 1773250515

There's a responsible disclosure timeline at the bottom indicating they'd all been fixed.

tylervigen · 2026-03-12T10:53:37 1773312817

I think the point is that we don't have evidence that this actually happened from anyone other than Codewall.

eisa01 · 2026-03-11T16:04:13 1773245053

If it's true that there's 58k users in the dump, that would mean former employees are in the dump

I assume that means McKinsey would need to disclose it, or at least alert the former employees of the breach?