CyberSecurity

NPM Supply Chain Attack Uses Worm-Like Propagation to Steal Credentials and Spread Across Developer Ecosystems

NPM Supply Chain Attack Spreads Like Worm in Developer Ecosystem

A fresh wave of malicious npm supply chain attack activity is targeting developers, using a worm-like propagation method to steal credentials and compromise multiple projects. According to new findings from cybersecurity firm Socket, the attack mirrors earlier worm-style campaigns that leveraged blockchain-hosted infrastructure for command and control (C2). This time, the malware is spreading through popular npm packages, putting thousands of developers at risk.

How the NPM Supply Chain Attack Works

The malicious packages, identified as multiple versions of @automagik/genie and pgserve, are designed to execute harmful code during installation. Once installed, the malware scans the infected system for sensitive data stored in environment variables and configuration files. Targeted information includes cloud credentials, CI/CD tokens, SSH keys, and local developer artifacts such as .npmrc files and shell histories.

As a result, the attack goes beyond simple credential theft. It also attempts to access browser-stored data and cryptocurrency wallets, including Chrome profiles and extensions like MetaMask and Phantom. This dual focus on both developer tools and financial assets makes it particularly dangerous.

Worm-Like Propagation and Ecosystem Spread

A key feature of this npm supply chain attack is its ability to self-propagate. The malware extracts npm tokens from the infected system, identifies accessible packages, injects malicious code into them, and republishes them under the compromised developer’s identity. This allows the attack to spread rapidly across the npm ecosystem, infecting other projects that depend on those packages.

Building on this, the malware also includes functionality to propagate via Python’s PyPI repository. It generates malicious packages using .pth file injection when credentials are present, extending its reach beyond the JavaScript ecosystem.

Exfiltration Through Multiple Channels

Data exfiltration occurs through two distinct channels: a standard HTTPS webhook and an endpoint hosted on the Internet Computer Protocol (ICP). The malware can encrypt stolen data using AES-256 and RSA methods, though it also supports plaintext fallback. This dual-channel approach makes detection more challenging for security teams.

Similarities to Previous Campaigns

Researchers have observed strong similarities between this campaign and earlier attacks linked to the TeamPCP group. These include the use of post-install scripts and canister-based infrastructure on the ICP network. However, the exact source of the compromise remains under investigation, leaving the possibility that legitimate projects were hijacked.

Some of the affected packages are in active use, with one recording over 6,700 weekly downloads. Inconsistencies between npm releases and Git tags further raise suspicion, suggesting that attackers may have gained access to maintainer accounts or repository credentials.

Protecting Your Development Environment

To defend against this npm supply chain attack, developers should take immediate action. First, audit your project dependencies for any use of @automagik/genie or pgserve. Second, rotate all npm tokens and review repository access permissions. Third, enable two-factor authentication on all package management accounts.

Additionally, consider using package scanning tools that detect malicious code during installation. Socket offers real-time protection against supply chain attacks, and similar tools can help identify suspicious behavior early.

What to Do If Compromised

If you suspect your system is infected, immediately revoke all exposed credentials and tokens. Change passwords for linked accounts, and scan your development machines for malware. Finally, report any suspicious packages to the npm security team to help contain the spread.

As the situation evolves, researchers at Socket warn that additional malicious versions are continuing to emerge. The full scope of the attack is not yet confirmed, but the worm-like propagation mechanism makes this one of the most concerning supply chain threats in recent months.

For more insights on similar threats, read our guide on Malicious Machine Learning Model Attack Discovered on PyPI.

OpenAI confirms hackers stole source code data after TanStack supply chain attack

OpenAI confirms data breach after supply chain attack on TanStack

Earlier this week, a wave of supply chain attacks hit multiple open source projects, affecting dozens of companies. Among them, OpenAI has now confirmed that hackers stole some internal source code data from its systems. The OpenAI data breach was linked to a malicious campaign targeting the widely used library TanStack.

On Wednesday, the artificial intelligence giant disclosed that two of its employees had their devices compromised during the attack. According to a blog post, an internal investigation revealed unauthorized access to a limited set of internal source code repositories. However, the company reassured users that no customer data or production systems were affected.

How the TanStack attack led to the OpenAI data breach

The incident began on Monday when TanStack, a popular open source library for building web applications, revealed it had been hijacked. Attackers published 84 malicious versions of the software within a six-minute window. A researcher detected the intrusion within 20 minutes, but the damage had already begun.

These malicious updates contained malware designed to steal credentials from infected systems. The malware could also self-propagate, spreading across networks to reach other machines. OpenAI confirmed that the compromised employee devices were part of this broader supply chain attack.

As a result, hackers gained access to a small portion of internal source code repositories. The stolen data included digital certificates used to sign OpenAI’s products. In response, the company is rotating these certificates as a precaution, which will require macOS users to update the app.

What was stolen and what remains safe

OpenAI stated that only limited credential material was taken from the affected code repositories. The company found no evidence that user data, production systems, or intellectual property were compromised. Additionally, no software was altered during the attack.

“We have found no evidence of compromise or risk to existing software installations,” the company wrote. This means that current users of OpenAI’s products are not at immediate risk. However, the incident highlights the ongoing vulnerabilities in the software supply chain.

For more on how companies protect against such threats, check out our guide on supply chain security best practices.

Who is behind this supply chain attack?

It remains unclear which group orchestrated the TanStack attack. Some past supply chain hacks have been attributed to a hacking gang known as TeamPCP, which itself was previously targeted by other hackers. However, other groups have used similar tactics.

In March, North Korean hackers hijacked Axios, another open source development tool, and pushed malware that could have infected millions of developers. Similarly, in May, Chinese hackers were accused of targeting thousands of Windows computers running Daemon Tools, a disc-imaging software.

These attacks rely on taking over open source projects and distributing malware disguised as routine updates. This approach allows attackers to compromise multiple targets with a single hack, spreading damage across the internet. As supply chain attacks become more common, companies must remain vigilant.

How to protect your organization from similar threats

Organizations can reduce their risk by implementing strict access controls and monitoring for unusual activity. Regularly rotating digital certificates and using multi-factor authentication are also effective measures. Additionally, keeping software updated and verifying the integrity of third-party libraries can help prevent similar incidents.

For further reading, explore our article on open source security risks and how to mitigate them.

In conclusion, while the OpenAI data breach was limited in scope, it serves as a reminder of the interconnected nature of modern software development. As hackers continue to target open source ecosystems, companies must prioritize security at every level.

US Lawmakers Demand Answers from Instructure After Canvas Data Breaches

The Canvas data breach scandal has escalated to the highest levels of U.S. government oversight. House lawmakers are now demanding that Instructure, the company behind the widely used Canvas school portal, provide testimony about its failure to protect sensitive student information. The House Homeland Security Committee is leading the charge, citing two separate cyberattacks that compromised the personal data of millions of students worldwide.

The Scale of the Canvas Data Breach Crisis

In a strongly worded letter to Instructure CEO Steve Daly, Committee Chair Representative Andrew Garbarino made it clear that the situation demands urgent accountability. The committee, which oversees homeland security activities, has called in the Cybersecurity and Infrastructure Security Agency (CISA) to assist with the investigation. Garbarino referenced TechCrunch’s reporting in his letter, emphasizing that hackers exploited the same vulnerability twice to steal massive amounts of student data and deface school login pages.

This Instructure cybersecurity failure is particularly alarming because it affects educational institutions that trust the platform with their most sensitive information. The company’s response has drawn sharp criticism, especially after it admitted that the attackers repeatedly breached its systems through the same security flaw.

Why Lawmakers Are Investigating Instructure

The committee’s primary concern is the company’s incident response capabilities. Garbarino noted that the second breach by the same group—the ShinyHunters hackers—raises “serious questions about the company’s incident response capabilities and its obligations to the institutions and individuals whose data it holds.” The lawmakers want to know exactly what data was stolen, how Instructure plans to notify affected schools, and whether its coordination with CISA was adequate.

As a result, the committee is demanding that Daly testify under oath. They seek to understand why the company failed to contain the threat after the initial intrusion. This is a critical point: if a major educational technology vendor cannot secure its systems, the ripple effects could endanger students across the globe.

The Controversial Ransom Payment

Instructure confirmed this week that it “reached an agreement” with the hackers, who provided evidence that they had deleted the stolen data. However, security experts are deeply skeptical. They argue that paying ransoms only funds future attacks and that hackers often retain data for further extortion attempts. The ShinyHunters representative told TechCrunch they would not continue to extort the company, but declined to disclose the ransom amount.

This decision to pay has sparked a broader debate about education software security. Many schools now question whether Instructure can be trusted to protect their students’ privacy, especially when the company’s response appears reactive rather than proactive.

What This Means for Schools and Students

For schools using Canvas, this student data breach is a wake-up call. The compromised information could include names, addresses, academic records, and even Social Security numbers in some cases. Parents and educators must now consider whether their institution’s data is safe with Instructure.

Furthermore, the House Homeland Security Committee investigation could set a precedent for how educational technology companies are held accountable. If lawmakers find that Instructure violated federal guidelines, it could face significant penalties or new regulatory requirements. Schools should review their own cybersecurity protocols and consider best practices for protecting student data.

What Happens Next?

Instructure has not yet responded to the committee’s request. Spokesperson Brian Watkins declined to comment when reached by TechCrunch. The company faces a critical decision: cooperate with the investigation or risk further damage to its reputation. Daly’s testimony, if it occurs, will likely reveal whether Instructure took the first breach seriously enough to prevent the second.

In addition, the CISA investigation will provide an independent assessment of the company’s security posture. This could lead to new guidelines for all educational technology vendors. For now, schools and parents should monitor the situation closely and demand transparency from Instructure.

Ultimately, the Canvas data breach saga highlights a systemic vulnerability in the education sector. Technology companies that handle sensitive student data must prioritize security over profits. As this investigation unfolds, it may reshape how we think about privacy in the digital classroom. For more insights, read our analysis on ransomware trends in education and how to respond to a data breach.

The AI Gold Rush Is Bringing Back Old Cybersecurity Blunders, Mandiant VP Warns

As organizations race to integrate artificial intelligence into their operations, a top executive at Mandiant Consulting has issued a stark warning: in the rush to adopt AI, the cybersecurity mistakes of the past are resurfacing with a vengeance. Jurgen Kutscher, VP of Mandiant Consulting at Google Cloud, told Infosecurity Magazine during Google Cloud Next 26 that enterprises are so focused on novel threats like large language model poisoning that they are forgetting the fundamentals.

“A lot of the old problems are new again,” Kutscher said. “We’ve seen enterprises really worried about new AI threats while forgetting the most basic security controls.” This oversight, he argues, is creating a dangerous gap in enterprise defenses.

Mandiant Red Team Exposes Critical Failures in AI Deployments

Mandiant’s red team has been putting these concerns to the test. During simulated attacks that mimic real adversaries, testers have uncovered alarming weaknesses in AI-enabled environments. For instance, Kutscher revealed that attackers could change data classifications within an AI system, effectively bypassing protections like data loss prevention (DLP) solutions.

Even more troubling, Mandiant found basic hygiene issues that should have been caught years ago. “We observed an unencrypted communication stream between the AI and the browser when working with a financial company,” Kutscher noted. This kind of oversight—failing to encrypt data in transit—is a classic blunder that is now being repeated in the rush to deploy AI.

Social Engineering and AI as an Unwitting Accomplice

In multiple engagements, Mandiant’s red team successfully used social engineering to gain initial access. Once inside, they let the AI do the heavy lifting. “We’ve had the AI do the rest for us, including data theft and everything,” Kutscher said. Crucially, these were not shadow AI cases—these were authorized deployments where employees had company approval.

This means that even sanctioned AI workflows can become a liability if basic security controls are ignored. The problem is not just about rogue tools; it is about the absence of governance around sanctioned systems.

AI Security Governance: A Race Against Time

Kutscher emphasized that organizations must build AI security governance processes immediately. “Creating policies and governance is easier than cleaning up uncontrolled AI usage after the fact,” he warned. He recommends revisiting secure architecture and performing red-team validation to ensure critical assets are truly segmented.

For CISOs, the message is clear: don’t assume AI adoption absolves you of basic cybersecurity responsibilities. “It’s possible that these mistakes partly come from the fact that CISOs aren’t always involved in the deployment of AI workflows,” Kutscher speculated. “But the lack of basic security controls around AI workflow deployments is there, and it’s a significant risk.”

Lessons for Enterprise AI Deployment

So, what can organizations do to avoid repeating the cybersecurity mistakes Mandiant has documented in the AI rush? First, ensure that AI deployments are included in existing security frameworks. Basic controls like encryption, access management, and data classification must not be overlooked. Second, involve the CISO and security teams from the start of any AI project. Finally, conduct regular red-team exercises to test AI-specific vulnerabilities.

As Kutscher put it, recognizing AI’s power for defense is important, but it should not come at the cost of fundamental security practices. For more insights, check out AI security best practices and red team testing for AI systems. The era of AI is here—but the basics still matter.
